From nobody Mon Feb 2 05:56:45 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1768614063395656.9220192693895; Fri, 16 Jan 2026 17:41:03 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 35E5E41C5F; Fri, 16 Jan 2026 20:41:02 -0500 (EST) Received: from [172.19.199.3] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 82E2D43DD1; Fri, 16 Jan 2026 20:39:52 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id ECDE241BA1; Fri, 16 Jan 2026 20:39:46 -0500 (EST) Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11010059.outbound.protection.outlook.com [52.101.193.59]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 478B241B54 for ; Fri, 16 Jan 2026 20:39:44 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by LV2PR12MB999097.namprd12.prod.outlook.com (2603:10b6:408:353::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.6; Sat, 17 Jan 2026 01:39:40 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9520.005; Sat, 17 Jan 2026 01:39:40 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=fLCFFs/C6kHcDK1lzAj0J2b5F7F6VNtqPIdzjt9e8iyD7U4v472/dXGS7i8C+fq5gfuunyCEM/EJl/uzQBJRUrPXOqNjywFEJy4OaL6oFmb28mdugUxVzVTtCdXtYjOhdP9akNvryb7NQSzDzVL3OScvx+lyRXnTok1qDHjqINbboZ5SP5xM9w/Uny7bWc3zjZzgBnU/XTp9EsxnABGLGKQAOL9KmJN0M5OMjF4Zlv5H1oq9MyFbXT0bbg5fRQAvc3XdXP1sp71Vjca4BVX+7Y2gdRC4b0QWP18yLa6XJB8ggNXzTI3jD5NvwqesdgXA8wv7oX4K5H1+WjgIO2uA7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xhic2OxaxQd933e4TqTGhmC6VNUaZ/2UEQYOHX+0c3s=; b=rcaYcv7lEMiYEh4GBtQ52UC84KJ8+a653ZCoZuGugdwkBDDEU1zatB6StUKMX9OcWKP8BnO5PLQcejmxRh+lvSIYTes7IUvTAQd1lcceuXcH6l4+lXyC0CXAq3zaHJu6Tyfw4SQ+gq5GKL7kjxkFFe3+o+j/reYnYGXPtMEyGlmovV9MSsCyki87OcnkcNV3VqA77grz0K7v2vmEB/CEkyFwYnaanv47eb2eGVYjeU7p3dRi5Nu7KPav5XWxhK6FhsXNZIG2GHmGH75VD4WTxWXUGt60J+CjdxcgkDdZ9JfVfeuTXg5e3STTGi5goX1evoqcVvm7baYkwMu53Vw7kA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xhic2OxaxQd933e4TqTGhmC6VNUaZ/2UEQYOHX+0c3s=; b=RgsyHTSJeMBCeb5WHGHcwR1ENLG4igxnCmX7bkOUXd908ZFStHl/XEi15uCb0YYsTwZ7WJ1xlDFZHBf2JUrda4zqdYnNuDVnEqsE3t5zuZxVUpMHr2tds7oOQONfadyfVVXew5KE5gKjnRQ1DkoAXZ+30dLDpXeRfkkEOYlx1fQpJ2jJUUKf7nZObgJ0QY0Q5h9gF25MklLeqPHerJ2tIb3U8r3915aFrILpJ09kLh+kTkrdCWfA3LTv0anSQkts2vNoBV7R8Sk6tzDNPze8liKm48NcQjSNRLJSw4SZ9RnfDC8tuuAYVXPyu7VAKmk6wrON+eIcbHoMfD2sgkHuEw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v5 1/7] qemu: Implement support for associating iommufd to hostdev Date: Fri, 16 Jan 2026 17:39:31 -0800 Message-ID: <20260117013937.3803457-2-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260117013937.3803457-1-nathanc@nvidia.com> References: <20260117013937.3803457-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BYAPR11CA0073.namprd11.prod.outlook.com (2603:10b6:a03:f4::14) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|LV2PR12MB999097:EE_ X-MS-Office365-Filtering-Correlation-Id: d75c682f-e2b6-442d-e1a0-08de5569480d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?utf-8?B?eU11dzFPMXhCWFJGWnowWHp3bXlwQXBxcUlsQ1BjYVZGblZYdEVnREZJVllO?= =?utf-8?B?b3JOQWlZd215NGk5QXJhNDVZTzdBRG1HT29KNlpDVTN0cDJZZHVNak1JTHhz?= =?utf-8?B?MnVxYWVacU5ENFZDNHlBZWU2WWF1Vy9maS9xYUQyUHZUMUNwM29KQmk1WFBC?= =?utf-8?B?R0NXcFJKRkRqMk9SZVZGVkpUUEwyMDFqMk4yZ0luUEcyZUtTbEFwQkFQSDU2?= =?utf-8?B?TTlZZEQrL1FMaUhtcU1oY2gxSFBLR0orU2tFUDdQT05udHhmTWJxRGlDakRW?= =?utf-8?B?ZWo4NXJOUkt2MVZGL1NWREJXY1hkSWJzNjJSeUFmNkRKdFh6UVRzT3RNSXdw?= =?utf-8?B?RGVUTFBhVS84TDJ4RTBWTnpaOU1GME5rZ3kwaWw1Q3JnZG1acVlNNkVyQ0w1?= =?utf-8?B?dTQweU41VzBUWXNQS2RIMnZxcm1rVWo3WUNqeVBsVWszUmd2UHZlUE8wRTVW?= =?utf-8?B?TVRqMW9kbDk0VHE2NDUxRWRSc3BDcTRRL3I0Rk5KS1FCYlBma2ZqSXY0TExY?= =?utf-8?B?U3VmY2dpWU84N0ZaY1VtWFFtZnAxajhHOTdNNEx2L2U5TlNtbFN5Rkl5cFBC?= =?utf-8?B?UHFXMUhTbzNENTZLVzJDdmkvWEw4S29QZk1aV2k1V0tBTFdEd3ZXbFI2VlFC?= =?utf-8?B?b0xKRXprMWI1c1JpOXdlY2JSMHNtNzRWcHlVM2xRbC9MMmdCdnJzbjNVU3JT?= =?utf-8?B?NkNpRGtJYTNROHRpdXQ3bCtnQ0Q1TVFLN2g2bXFQL0xtVk5lVzd0bmZ6R0Fl?= =?utf-8?B?bWhzUFpLejZzeHpJMnkzcEphVlBXSVhmbjNtUHBzVlErNFFlUU5UaVdUQWp2?= =?utf-8?B?bGlIZk5FSjRya0trc1Fxd1NuUnY2WmNMV1duaXlqTjVhcWZiNVBrdm80aXlr?= =?utf-8?B?ZUhhRmlRRWZMZmJORUlGdmNMTExFV3ltRXAzekJFSVlpdXVZSjU4c2tDOUFF?= =?utf-8?B?L2I4SjhvV1RJcTU1YkRUdHhvbXl5RVYwUExsaVI1a1p2SkYwMkdOZ0JFYUt6?= =?utf-8?B?VmR3Vnd1cVluczAzWXJielVjekhqOU5hcSs4VU0xVEcrVE5za3pGSlh6TE1x?= =?utf-8?B?RkZXeGlWU2dzNU9TaGJaZUZWNXNtWForUS8zZm90eThodmpsenltWVFCWUpS?= =?utf-8?B?ckZtOE9DSndtV3IycWJmekhLVXplbjJtWThkSzFCdngwUXY4RkVsM3NGTkVP?= =?utf-8?B?NFVTSEsvMndlOGpSVFI4MDREVHNsZ2JXc1htcUFYT0tKMDJRWXhyQnhENnN0?= =?utf-8?B?bnZ4UlRzS2hpN0NYNllLcWFKV3ltMW9YbzlwWThCcGlLcDFva1BoMmtuVkQ1?= =?utf-8?B?SUE5d2gydk94K0kzWFcvMURJM3dqcHFLYWhSUHNTN1pCRE04bUd1MDlpNkdN?= =?utf-8?B?V3hUTURkRCszWExNakJVM3B1OFl4UUxybHg1V3gvazRmV3ZxRVpLVFhLRWVF?= =?utf-8?B?SHpUR2lPZzhmZ210NWJKT0Y1MWpxZTVROVAwQjVvMnNXZzNlTlB1Rk1udXRm?= =?utf-8?B?Mnc5ekZ5UzlBUFVwM1dFOEIxRndXNHlPakliY0E4aDdoZmRFWEx0SUs0QjI0?= =?utf-8?B?T0ovdlpkOVZET2JMUCtOY2NMMDViNXhUbngzd1dGZEcyaG5LQSsyVEFFdkJh?= =?utf-8?B?dFA3dDM1R3g5Snk4N2JwY056Ym9rbG5GUis1SUEwbXlqMXZTTCswUEJyTytH?= =?utf-8?B?MWdRdmRjZlZKNG9PM3I3bERDSVc1c0o1UUNqUDhiRmdVM2NHSXVVRFRJZm1N?= =?utf-8?B?aCt0TnhOTE83eEhMeHFRUFl6U3F1MVNGWXFUeEM2VW9hUDE4dno1dXk1L0J2?= =?utf-8?B?TmwyZFlBdTFOTk1KamRydWZMcEgwYldCdVhWTHhwck1qNS9TVVh1ejBacXJw?= =?utf-8?B?ZHJjTHFvZHhnV1I4QXY3dXhNY3BZMjlNZ2hpVlVvQ0pmWlJtanFHYk1CRXIz?= =?utf-8?B?YTU3Qkc3TTdlWWNFSFBMNlNDK29maDAwMENuZVhXRVdpeDRRcndtamtWcFBM?= =?utf-8?B?TEN0eFI4T05sdWhnV29Tb1p6SVF3aUtIUDdDNnFFVlB4U3RwVGxOODlGbTJo?= =?utf-8?B?WC9NdFlKOWZIcXV4bjZ6ZnpDRGlOS3BkU05KMENVcTkyeHBZa2NhSTdzUUFM?= =?utf-8?Q?rX3Y=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?Z29UaDQzaXo5MDBzNWJSQnd4VEE2TEUvWVJoTXpvRnZhZEpLdnloclIzWTdB?= =?utf-8?B?NGxEUjgwYkowWUpURG1HR2VCTmpXYXVXOTJTNUJZdGwySmNCcnFMUkUzWHI4?= =?utf-8?B?ckxyR3hZZ2IwQjFJV3BEdUFxSFJvaXUzR0w2Y2x5amZlb0hPSzhDNXp5a2Fy?= =?utf-8?B?WHAzS0hUdFNqcS9sb3B0WWJlRW12SzR5L3huR2xjaEF5UURnMWNzNUJCaS9r?= =?utf-8?B?QjNkM2ZnWWdyVWNNSzdoR3hqR3AzTEVoWHJOc1NrYXU1WjF2VnZieHpxS0Jv?= =?utf-8?B?Wjl5eDVYczVZVUg4V1czVWdPcjM5cGFWeGVKNTZNazN0SUJ4d3prY1pEYUtM?= =?utf-8?B?MFhLcnNtcmhrTTJZZGI0eDlSbStLcXdBamt1TXB0NFF4R2QxZlNrT0NDVy9J?= =?utf-8?B?NTVxZjFHbWk3eVF3bHR1QUdSR1I3VFdvU2ViWjUyM0tlOUErczJCNGN2NW42?= =?utf-8?B?dXlVYmlvWHVlSkRuWXFjVFRUV05kQm9mVmt3TXB6SHJGY0JQWUdscHRIT0hM?= =?utf-8?B?TlpDTGw5MVlpYWpqbExhVlBwM0lJTm4zSkVHTXYwZElxUEJEK0FRNmJkZGpr?= =?utf-8?B?enRxZHZ4MXRVYWFNZlEyYnBWYU9GRi9LcWFiRHI4KzhaTmxmbnZma0p0OU5x?= =?utf-8?B?b2lQenArZGtyYmkyR1hoOHptMGNLblRMd0g5alFmLzREYUtMdm5TcS9PV0Yv?= =?utf-8?B?VDNYUmNBVkd4MmVMa3FZS3grUFNIRE00SXFVTVJsZUZ5V2RCRlZyWVBwZEcv?= =?utf-8?B?SVVtUHROdmRqSmNyTG1BM2lic3QydnBVWEVtRUdlSzV6b1dNV1ZGTndDc3pt?= =?utf-8?B?NjB0Q1BRRjl0UlVHVkNsNlZBYXhRMnVSaW96cHkwZUF5MmF3dW1QQXo4aDlz?= =?utf-8?B?T3MyTEZUcGZCZTlKTVlLejh5akRwWnUvSklRMEdOSTM3VS9QWitWMmhRcElC?= =?utf-8?B?NTFGRjh3WnN3SkYyTEphYXFadDRiNlRlKzZOU0pQU2M4Ukc5UjJkYTYvZnJo?= =?utf-8?B?NmpzaXM5YVpOWk1YK3BYUEZSTDFZWUZDUitLZ3c5eHNaVmJNTG9kUlpyTzk2?= =?utf-8?B?Q0lvWE93MmVieHZPVjVrVGh6V1QvckgxUGtQT2hGWGdqMzI2OWFjQXAzRG9v?= =?utf-8?B?cGxaS2tKWFFza0ptNGFocGM2NnQ4czZITXhUT0N4UTI0QmhkZG5FQmp4ZnFr?= =?utf-8?B?cW1nRFUxS2g1Y1FmRFlFcTF6MS9iVGJhRDhUWm1lQUZkenVVTkIreUFsYVNr?= =?utf-8?B?aWFueUd6VGc5eXN0by95NnNFUStJUFJpY0hDQk9tL21yTmp4QzN6RGFDN0Ex?= =?utf-8?B?NXNzaGc1UlE1S0VxV3hzREo3WlpQM3E3MGE5RktOeVc0QjZrZmgrOWYranBz?= =?utf-8?B?Rnd4bng4REFOUFBBNkFPQ1JrMC85QXVtSitvZmRwb1ozTStFYXBpTmJUL1ZX?= =?utf-8?B?QVRDUUZsYnZ3d2Ywd3V1dlhCRkxZRy9DWm5BeDMzNWxpZW53a1E3SnJ2QnJQ?= =?utf-8?B?dWJqcjBKZ3BDNGx2bCtEa2thVnRPZzFRQ3d0cEJ3ZnFXM0t2WTZWUktlbWpT?= =?utf-8?B?VXFjTlhpanZKWjVpTm5Mc0tLVE9DRlFVaHBMZ015aTM0emIvWUFQUGVxV3Zj?= =?utf-8?B?RkdkelYwdEJTbmFuemU3VHY0Z09MSHhURDhtNlg0V0JPNWo1NTlLR3hlWmkv?= =?utf-8?B?a091dDVISjdHNVd0QXNMUDRlRm5ISGRGRERoNnhxdFZMWWRqUHFqR2RhZGd2?= =?utf-8?B?YTZSVEU3OTAvN3pDOXI3M1BpWEJtaFN1TXBxMXNmblJXT2ttbDR3T201cThC?= =?utf-8?B?RXpOTE1jeWU1aW9STmxaOGR4RnV1VDZXd1lncGNIYjRTQUtZajB3SlBUUUlI?= =?utf-8?B?WEczZ25VZXJRYXlWSC83MzdrcDhReHlVSlEvWGlhSmQxMVNhcHJ2blBCaTY5?= =?utf-8?B?aDNsL3Avd21xbUxDbjI1V21UbXo5MU8rVWxQYXpxR1RsbEg1dlViMGcwY1hC?= =?utf-8?B?eTVoWlpoejF1bm9vVExEYnVYaFJwL1ZNRHRFU3RHeXRVOFZHdjcxVFRUWjhI?= =?utf-8?B?SkM1VlNPSzh3aFZOT2EvcWJUcVd2ZU5lMWFtYjk0enNybmhYY3VqNTRuKzM1?= =?utf-8?B?L2lubDVCY2VBRnJuR25GRTZVZDRoeGd6OFlSa2RzQXczL0VTNTdtU2h6Qm5L?= =?utf-8?B?RFdrbE9ZclBrUUJ5V25HZnlGd1ZBV21ncTV3UEw3dmY4UEc1dThoT3FPbmJx?= =?utf-8?B?VkZVTThHUzFFMHlEUVNvdEhhajR0YWVmd0JSOVBFclZCZlhFYmY0dUZabUZ5?= =?utf-8?B?T0NUNW1Ya0FPYzN6Q2VhWERpZ1BlUGZRWERidkl0L24yRTZmbE9OZz09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: d75c682f-e2b6-442d-e1a0-08de5569480d X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2026 01:39:40.3181 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 3uLmjddVV8J4au+n96mblFtekvZGjo5ZT2CJ51k9F/OvaaSQWkA6UF9rVM/7vRpmy3Icm/x5VvQziMDOdfqTRg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB999097 Message-ID-Hash: HFTXXPENAQ5ODVNTK72CNDHNECSEE4FR X-Message-ID-Hash: HFTXXPENAQ5ODVNTK72CNDHNECSEE4FR X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1768614067784158500 From: Nathan Chen Implement a new iommufd attribute under hostdevs' PCI subsystem driver that can be used to specify associated iommufd object when launching a qemu VM. Signed-off-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen --- docs/formatdomain.rst | 7 +++++ src/conf/device_conf.c | 11 ++++++++ src/conf/device_conf.h | 1 + src/conf/schemas/basictypes.rng | 5 ++++ src/qemu/qemu_command.c | 46 +++++++++++++++++++++++++++++++++ 5 files changed, 70 insertions(+) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 04ef319a73..08fc3f3944 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -4920,6 +4920,13 @@ or: found is "problematic" in some way, the generic vfio-pci driver similarly be forced. =20 + The ```` element's ``iommufd`` attribute is used to specify + using the iommufd interface to propagate DMA mappings to the kernel, + instead of VFIO alone. When the attribute is present, an iommufd + object will be created by the resulting qemu command. Libvirt will + open the /dev/iommu and VFIO device cdev, passing the associated + file descriptor numbers to the qemu command. + (Note: :since:`Since 1.0.5`, the ``name`` attribute has been described to be used to select the type of PCI device assignment ("vfio", "kvm", or "xen"), but those values have been mostly diff --git a/src/conf/device_conf.c b/src/conf/device_conf.c index c278b81652..d68232a4f4 100644 --- a/src/conf/device_conf.c +++ b/src/conf/device_conf.c @@ -67,6 +67,11 @@ virDeviceHostdevPCIDriverInfoParseXML(xmlNodePtr node, return -1; } =20 + if (virXMLPropTristateBool(node, "iommufd", + VIR_XML_PROP_NONE, + &driver->iommufd) < 0) + return -1; + driver->model =3D virXMLPropString(node, "model"); return 0; } @@ -93,6 +98,12 @@ virDeviceHostdevPCIDriverInfoFormat(virBuffer *buf, =20 virBufferEscapeString(&driverAttrBuf, " model=3D'%s'", driver->model); =20 + if (driver->iommufd =3D=3D VIR_TRISTATE_BOOL_YES) { + virBufferAddLit(&driverAttrBuf, " iommufd=3D'yes'"); + } else if (driver->iommufd =3D=3D VIR_TRISTATE_BOOL_NO) { + virBufferAddLit(&driverAttrBuf, " iommufd=3D'no'"); + } + virXMLFormatElement(buf, "driver", &driverAttrBuf, NULL); return 0; } diff --git a/src/conf/device_conf.h b/src/conf/device_conf.h index e570f51824..116b959143 100644 --- a/src/conf/device_conf.h +++ b/src/conf/device_conf.h @@ -47,6 +47,7 @@ VIR_ENUM_DECL(virDeviceHostdevPCIDriverName); struct _virDeviceHostdevPCIDriverInfo { virDeviceHostdevPCIDriverName name; char *model; + virTristateBool iommufd; }; =20 typedef enum { diff --git a/src/conf/schemas/basictypes.rng b/src/conf/schemas/basictypes.= rng index 5689170fad..381e0ac24f 100644 --- a/src/conf/schemas/basictypes.rng +++ b/src/conf/schemas/basictypes.rng @@ -673,6 +673,11 @@ + + + + + diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 0de0a79b46..5274b33d17 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4761,6 +4761,7 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, g_autofree char *host =3D virPCIDeviceAddressAsString(&pcisrc->addr); const char *failover_pair_id =3D NULL; const char *driver =3D NULL; + const char *iommufdId =3D NULL; /* 'ramfb' property must be omitted unless it's to be enabled */ bool ramfb =3D pcisrc->ramfb =3D=3D VIR_TRISTATE_SWITCH_ON; =20 @@ -4794,6 +4795,9 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, teaming->persistent) failover_pair_id =3D teaming->persistent; =20 + if (pcisrc->driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES) + iommufdId =3D "iommufd0"; + if (virJSONValueObjectAdd(&props, "s:driver", driver, "s:host", host, @@ -4802,6 +4806,7 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, "S:failover_pair_id", failover_pair_id, "S:display", qemuOnOffAuto(pcisrc->display), "B:ramfb", ramfb, + "S:iommufd", iommufdId, NULL) < 0) return NULL; =20 @@ -5321,6 +5326,44 @@ qemuBuildHostdevCommandLine(virCommand *cmd, } =20 =20 +static int +qemuBuildIOMMUFDCommandLine(virCommand *cmd, + const virDomainDef *def) +{ + size_t i; + + for (i =3D 0; i < def->nhostdevs; i++) { + virDomainHostdevDef *hostdev =3D def->hostdevs[i]; + virDomainHostdevSubsys *subsys =3D &hostdev->source.subsys; + g_autoptr(virJSONValue) props =3D NULL; + + if (hostdev->mode !=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) + continue; + + if (subsys->type !=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) + continue; + + if (hostdev->info->type =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_UNAS= SIGNED) + continue; + + if (subsys->u.pci.driver.iommufd !=3D VIR_TRISTATE_BOOL_YES) + continue; + + if (qemuMonitorCreateObjectProps(&props, "iommufd", + "iommufd0", + NULL) < 0) + return -1; + + if (qemuBuildObjectCommandlineFromJSON(cmd, props) < 0) + return -1; + + break; + } + + return 0; +} + + static int qemuBuildMonitorCommandLine(virCommand *cmd, qemuDomainObjPrivate *priv) @@ -10933,6 +10976,9 @@ qemuBuildCommandLine(virDomainObj *vm, if (qemuBuildRedirdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 + if (qemuBuildIOMMUFDCommandLine(cmd, def) < 0) + return NULL; + if (qemuBuildHostdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 --=20 2.43.0 From nobody Mon Feb 2 05:56:45 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1768614196828212.23997539659194; Fri, 16 Jan 2026 17:43:16 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id EAAA841C92; Fri, 16 Jan 2026 20:43:15 -0500 (EST) Received: from [172.19.199.3] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id C930141B52; Fri, 16 Jan 2026 20:39:57 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 0A41741B63; Fri, 16 Jan 2026 20:39:48 -0500 (EST) Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11010059.outbound.protection.outlook.com [52.101.193.59]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 668B341B8E for ; Fri, 16 Jan 2026 20:39:44 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by LV2PR12MB999097.namprd12.prod.outlook.com (2603:10b6:408:353::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.6; Sat, 17 Jan 2026 01:39:41 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9520.005; Sat, 17 Jan 2026 01:39:41 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=LBa8LtP3yxejWOYfpi4l4Bnm9Ip0ceNrFeBbgY5HtC1hgS/5fE1Yhm1Q/Rd0/LY3Abp3bxIBwFDYem4Scxgkw8hm+dVvaCFt3v028c+QSuHs7vJ5urBM9mQx7oNS5G2SL2gQ34BB8x7R66jnm8wTbBvV8vzdRyhOYRlI1UQlU3qIGFyQF96nkh3s3INieQrh9rdQYQY8W5sSHgTOd091uMIEjA9KT6m81DO3QrWN4v71OIIPpMwb+sEc9AvpCCxvtxSrxuggAtGDHXyiAPA/gnri8tW3B0T5QHf98eGOe5GeRmNOyN5i6TPpqTxg/2iHw5IAu5Aw1lmNWbbEc39yvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uZbghMO9IKLu41pJZeeSZdFKUe6fEXORq0z2qQ6SiO8=; b=FuZs9In+IprTIqLAZJSA6nTGe7FQ+11/vNjW7+5WML0J6Gnv4pujAFgk+SBHApoPhQ5x+GGMAD3xy2HUS00xpImTs1RaiJu1scrLF3nxhvKETyuKyd+p3ZPv5nCYZyiXMeR9DKTyBMOIoEfs87BYaiCqhaJRvn6p0nmMVIEaftltnFKcVjWLcOcIvq1R7gnMECn3z295VjzBBhSKe96epI85Yw7hNYsD/Gt/gCTbwxuhRn+SKv9kBltEikywAkLrSxQgJt4i1FCa66KyDSrVQvsDdevmhbMy19mGJInMbHQV+zU4apxqu9z1X0SWLYPfJ9YxHRbjvDBxQF42g2Wxaw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uZbghMO9IKLu41pJZeeSZdFKUe6fEXORq0z2qQ6SiO8=; b=DHfUUN9Xvb3kHICA4oaTkdnKT9k4uhSmdZ7Z9QE1vQ/Ww3XrtaalvrKSl0YHhPvngjXzLdmt7thJ5hyb0Q4AXYev0K1mzu91wjI/X1rWIlmkNHkDVwwvcrTMWduSvFnmOv2QBIuPxIdV5cyrUWLI+bxrjjZhVVyGtXj1vI6BnfmNsXYuPkuxw295hTOYs1i1kpp0w+iery7fCfWBIIgpLUFu/NriBNo1XqpcWZQ9RW5dFX7wdxBEDagaqbH8mJniYsSj4u2Y7T9IOk5PZmqS5f/Ic0RihFweKHLcWTysXHQwW79GBASLwGqI5c0c2COY5u2oWgddVeImBIGZUEBCoA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v5 2/7] qemu: Introduce privateData for hostdevs Date: Fri, 16 Jan 2026 17:39:32 -0800 Message-ID: <20260117013937.3803457-3-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260117013937.3803457-1-nathanc@nvidia.com> References: <20260117013937.3803457-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BYAPR11CA0092.namprd11.prod.outlook.com (2603:10b6:a03:f4::33) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|LV2PR12MB999097:EE_ X-MS-Office365-Filtering-Correlation-Id: 2ae07c0e-15bb-40af-77dc-08de556948d4 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?utf-8?B?L3NDMlhGeS9SS3ZQc3Q2bHl1ZlRSNzZKNHlxaG1OcW5lZ1prbVkrL2loTVBp?= =?utf-8?B?RHNRYXVkblg5K2gzQVBZMTJPb3c2MFBmN2tvNHovNDh4T1NYY3VTWHpaV1Fo?= =?utf-8?B?TEhFMHV4Wk9OdW5FZXNuT0lFL1B2Sm5aTUoxUDh2RGJkdkVDMlZDZUJRaG84?= =?utf-8?B?cW1VT3J2aG9TSEJJbW1PSXliSkVVRkc5SkZOc1dhMC92b0pEeE1KOHZYK1JO?= =?utf-8?B?bUl3K1ZhRGRpZmQ4SDJZU0Z4MzlCaVFtZmZjTTNXVkJteGd0VmNlZXFiNEo3?= =?utf-8?B?V2k4bEZmajZhNVFvR0VhK2lhQlVQcVJZTEVkRlJ5bEVPSGJXVmNuV25Fa09U?= =?utf-8?B?c1VEUW9weHVWVFkrMEU0MHJBMkwxa0VqVzh3bEFKakRCYS9GalVyZ3ptU0I3?= =?utf-8?B?WGZtRk4rQWh6eG5yWHY4UEJVZklWZ3V2QjdPQStxbjJ0eVJBOVpITHEvMW9h?= =?utf-8?B?dmZoOHp6V2p0bkVhZlZZWGp6emhwVVRMTFlrRmt3cUxXWXViZUtPYW5FMk4y?= =?utf-8?B?UU1Ed1Q0Rmk1UGRPdjN6ZjFlZmV1UlR6SldVMi9Yc2hFalNqcGlJS0c5ajJs?= =?utf-8?B?K1lDTDRubVZKcDA4MmpybXN5aWlRTmNUUzEzR0cyUTU1U01PN3dhYWJKRi80?= =?utf-8?B?cDgzRkdpTHR4MlRsV3R1eDVwR2VoVVR2VWw1aHowNkVvenFLaUJjcTd2aElY?= =?utf-8?B?Vml4aklkM3BXN3JYOHdIZ1JVUkxGekpyWjlVcXcwK2RycTlCa0wyRW91aXgz?= =?utf-8?B?K2dJNDZtR05zUExGUFRKZ0JGZ1ZVMXc3RUtHSGp2U2drS0tRVTVYUGo3Snph?= =?utf-8?B?Z3lxbWVpakxlTnFaQkdoV0hLSWVLY3JsWXVYL3hVV0NXRjZOVXZXM29uT0hl?= =?utf-8?B?YkIxZXE1MXlmOURLVUpPYm9FRitySjFtcHZNNnlwWjBwdzlZYWhkSUxjYlh0?= =?utf-8?B?Q00rT29aeGlsOW5VcE14TXhIU0hzWCtCYkR1cGxobFdEanIvNVlYVlM5Qzlr?= =?utf-8?B?OTRQSEo4Ry85Q25aM3FzTkRxRU5VSTFzVTFkcCt3VThXZFlGa3VSM2RBbHA1?= =?utf-8?B?Q0R1Vit1OUpqVS9xR0wwYy9MZUFqcjlCNXJKREpQdXd1OXRtNnIxSzdqb1FS?= =?utf-8?B?STZrY0dFMzV2a0RZM04xWmp5NXJxTkhrc01VSEZPYXE2ME40YksvMzNCWTZN?= =?utf-8?B?ZjlDZnpBVlZUSmFXTldFWGJZTFhGa1ppRGJCRjRYNEdyTFZ6eEhlSGtTVmVB?= =?utf-8?B?WmZ1WDExMlFNbURmYUM4TnEydTFYb3ljbzRsTTZvVktYK0NPUURWSEEwVDFK?= =?utf-8?B?NXZwRHpPU2xRckR1d08wcHNTR0dVckFzZzFZMm9qNm5FVGtwTWd1STRDL1Bu?= =?utf-8?B?QjEwODVqZDZYQ2tsbi9hdWNUYnE4ejZ0U0dPbStuQWUyUjl5L3lRdm5NT2JQ?= =?utf-8?B?YURCcERncEUwVGhRbCtFSEMvUlRIUWcrb2dvQVdMSkhPTW9OcVA4T0Y4cVF5?= =?utf-8?B?SEtIMVFvUG50bStTeUJ2ZS8zZEg1S2xtR1c5aXRQM1ZOcE5PZGY0ZUFxdG9m?= =?utf-8?B?eXNqcUg1Q0dEYWx6b1RoMEkxRG5aank4WXplYlhsRTUxajFQM2RiSUp0b1ZN?= =?utf-8?B?dFhKWUFjai9rZ3RLamdvRkRJNU1LRVR5VkhmMWhGd05JNmdsNFVyUm1lYjZn?= =?utf-8?B?WThDekNpa1JtUnI0WHBKODVkYkVjUEFIZ2dCUmRYejVha3BTRkRPMUtUdkhB?= =?utf-8?B?Nm1vMStsbGR6VVg4MDh6Szh3b0xxM2dZcTNORElqRU5vY05jWXZFbHk3R0pC?= =?utf-8?B?ZTNyU0d3UVBmYmYzUlh2cHBXNkJlcTA3YWY4NjJzVCt0RHIycUZLajNKaFE1?= =?utf-8?B?Z3cvekZlWjlZNXY5VWdJdkVzTWZQbnpISmt0MG9WcFN4TzV2cEdDeUJpVXNV?= =?utf-8?B?NzdwSmM2cm4rZ3cyRjdnTlBzNEhabVMwUFk4OFBwbjlRdytEeGw1bmJSYnBa?= =?utf-8?B?cTJFSVNoOTNIcVBPZVZrNDNSZzl3S2pxM0RLdldwazRRcEVEUzZjUElHRUVz?= =?utf-8?B?K3BZK2JOeDREVUpVWHJud0lkbjkxUlNFMFQxQ3E5aVltTmNpeHltT29GUUQv?= =?utf-8?Q?91hk=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?eUw1MlYrQkVRSHVGaE9Rb25FcWprNFBEN1lMRFkvc3g1NGpKRGRrMVEwZWxt?= =?utf-8?B?UEhhaFl2cXhodTJmZ0JBYjZhdzJWeklCUHlDdCtuUnZYZ2laUjB1TzdiK3RL?= =?utf-8?B?SXJOcDRLa3p6dUpwOG95ckRxVktaL2dSMW5pT3Z5ZWc1RHJrTmFYUytsSGY3?= =?utf-8?B?NGZWVDlYbVVmMXJyL3NOekFHY1BOeFMxRUpwc1BNS05qYWpTK3BqS0VJdFY1?= =?utf-8?B?TE5WN2Vid014RGdVcFlXRlFBSXJHd0hHSGo5eXpZQy9ybVlkTlVESFl6eGc3?= =?utf-8?B?TjFheFdUL1ZQaEhRbTMwdHd6M1pzSXRMaXBIc2s1VGEyNC9QVHlnRGt6MzhN?= =?utf-8?B?MitacmFHaXlocGcwQUJPdU96UXlheVJhOW16eWZGL1VxcGhWa25hMTRld0h5?= =?utf-8?B?MTBnbCtBVFVDU3JyRzYrSytPVkp1R0g4QjZicmJKUG1nd2JjWVRwRTlPMitj?= =?utf-8?B?SnRVWFlWQXdwSklNa0lFZk54WGNuZThwZWZ0WWRUa09UenFvQ3hSMUlKRkVB?= =?utf-8?B?Lzd1QS9VN281aklMZlpaTUFOMktaUWVzWWV1Uy9tSHcvWDlEMCtPdE91dytz?= =?utf-8?B?R3BQUGhTc3VaZCs5Q29PVTBMZE9KMzd5am5yWUhyOGtleHlWSS9PbVRLQ2pD?= =?utf-8?B?Rit4Y2FIWlJielV1VTFSaWc4dkVvcldQVFE2ZSt3RmtZV2MzZXl2eUNzMEVK?= =?utf-8?B?dzNIeFVxVytoQWdMeU5OSzFBK2RScnNoeWxYK2psTHN1QWIwTXdaV0Zhbmwz?= =?utf-8?B?NEhQMWY5RTFZcEJKaDZqYVpmNlMzbnduSDJTM0dkZG5CN1hSaldIYzlMUjdI?= =?utf-8?B?WG81cGdzVVYwWC9SMy9uSUNBYXF5QXUvSk5sVmhjejB0eEROWWxidVNpNGtl?= =?utf-8?B?WWhjcENGNGxaOU9BMXRCNnpQbDBJajVuazZQTVdLZHQvZTR2UVZmZFp4cS9t?= =?utf-8?B?anZZSThaZExmVUkxb2FWcEVlcUVyMHFNUnJadUo4TUJuS2ZDdFJjdEljak5H?= =?utf-8?B?SGlSMlN3OTkrakdBOU5WaUY2VEFwa3ZyTTYwRC8ycTZmSk1xa0oyc0RsM1NO?= =?utf-8?B?b3pYcGlPM2ZXa211ZUFpL1RjMnk3aUFNem15SXNNZDV2TzRrMW1aTVNmL3pN?= =?utf-8?B?MWhuSkEzZ09xOXVmSUUyaGoweWRuYklFNlA5dW0rZ25SZmhTc2RLQTlENkxZ?= =?utf-8?B?dXhrYWNmUXkya3VwbzlVeDYzdXdHaENrNlN6SWtmTjYvQTVDUkNoWU5Qb1hD?= =?utf-8?B?ZzBjampsdW5idFR1bXFyOG45NDkyTVMvcW1vb01TRmI3RjVicGhiTEt6aGY5?= =?utf-8?B?TDVOOGYzOHhKcnQ3SkxVTjZNbUtxWmNFdXlnSnVvbHl0M3FBT294djhoWWVY?= =?utf-8?B?QmNscVJXcUJlMXduUlkvZzlCTXhHbnd1aWxiMC9ubmR2YzNYNnpCN2MxRjVB?= =?utf-8?B?N0JCYU1hMktLOWpsdHhCc2FVeVp2SFlhY1FnanprZzNtZEsxa1ByTWRmZlpx?= =?utf-8?B?cCtFTFJvSGVHNldNLzVsNHVleXNMNGpQMHRZTk04cU9EQUkwRUs5ZEc4S3dt?= =?utf-8?B?LzR1V1JuS0FqdERXQ1V1ckE4dm8rVGk4d0ZrY2h2dkhJZ3RXdk1Nanh5akFI?= =?utf-8?B?OGdFdGNWb2luUFM3NzhuTjJISHA2QlE0WVdLYkgvVXN6MVlGT0VOQ2lqZTl6?= =?utf-8?B?T2NRTVphVXNaZEt1cHN3ZG9pWGE1em9pcHFpaC8zUWRKa0MrMXNtWkwwZ1pW?= =?utf-8?B?cU0zMSsxQnpiSjhNVkUxM0lOaVhJY2pCVTN3SVc4YWNhWDdJNGoydVJYR0xv?= =?utf-8?B?YjlGWjJZQlFRVUZQay81QnM3bEx4UEd0a0hSTEd2eStyZ3VQZ0lBeFpDZGdh?= =?utf-8?B?aGN4UXIzWUdjbGVweHFGelg3bE42cmVQWWJPcHVGdUM0WENTWEVHOE9TMDR4?= =?utf-8?B?bVp1ajhaREE4SmUzbEdUN3B5d01vUEVzaEgvenBkeTdZWFIrNTdGUTYyV3JV?= =?utf-8?B?WThRRldkZEZJam0vNmdyMHF1UTJhNFNFQ1VTcHRhWG1CSE9XSVlDRzY5cmFI?= =?utf-8?B?SDg5VllXbE5PVlBJUWdFZlJlTDBqdElvbUJTdFdUdDhtTlo3WDRSY1FKU1Y2?= =?utf-8?B?Q3U1NExsUTBHZDQ0L1h6clJadjBvaWRpbzNnY05DdENISmNpTWZGL0ZBb1p2?= =?utf-8?B?QmhSSGRVZkpNZDJpMXhjOXNQNGJUU0s1VG1QQjFYN1F3U0EwdXJDQ0tYWlUx?= =?utf-8?B?R25qektmQW9Rek1jOUYwUDdyRkNIcXhYTFF6bm9vSmVWbzZFeksvSzVGK2Mv?= =?utf-8?B?TjBtaU9HcUxXVWJ0SFloY2F5ZjI3VkRzcERDeUFOZUttdXMrQWRMZz09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2ae07c0e-15bb-40af-77dc-08de556948d4 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2026 01:39:41.6078 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: zox9qYbDWFPnDWI1yhnbT8Ias+Z2cbaNnrDiPv13MrKrqA9NRjQT3vetKX+RwTBuFnBLYqhxmofSOSdAEoQzmg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB999097 Message-ID-Hash: JUOBHATX3XOXH7OQ5YEJVAILQB5EYO6I X-Message-ID-Hash: JUOBHATX3XOXH7OQ5YEJVAILQB5EYO6I X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1768614199140158501 From: Nathan Chen Introduce private data for hostdevs and allocate hostdev private data by default. Signed-off-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen --- src/bhyve/bhyve_parse_command.c | 2 +- src/conf/domain_conf.c | 13 +++++++++-- src/conf/domain_conf.h | 5 ++++- src/libxl/xen_common.c | 2 +- src/libxl/xen_xl.c | 2 +- src/lxc/lxc_native.c | 2 +- src/qemu/qemu_domain.c | 40 +++++++++++++++++++++++++++++++++ src/qemu/qemu_domain.h | 15 +++++++++++++ src/vbox/vbox_common.c | 2 +- tests/virhostdevtest.c | 2 +- 10 files changed, 76 insertions(+), 9 deletions(-) diff --git a/src/bhyve/bhyve_parse_command.c b/src/bhyve/bhyve_parse_comman= d.c index d62ea64beb..8b405206bd 100644 --- a/src/bhyve/bhyve_parse_command.c +++ b/src/bhyve/bhyve_parse_command.c @@ -687,7 +687,7 @@ bhyveParsePassthru(virDomainDef *def G_GNUC_UNUSED, return -1; } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->mode =3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; =20 diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index d00a43e969..17cad7e8b0 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -2733,6 +2733,8 @@ virDomainHostdevDefClear(virDomainHostdevDef *def) case VIR_DOMAIN_HOSTDEV_MODE_LAST: break; } + + g_clear_pointer(&def->privateData, virObjectUnref); } =20 =20 @@ -3483,7 +3485,7 @@ void virDomainVideoDefFree(virDomainVideoDef *def) =20 =20 virDomainHostdevDef * -virDomainHostdevDefNew(void) +virDomainHostdevDefNew(virDomainXMLOption *xmlopt) { virDomainHostdevDef *def; =20 @@ -3491,6 +3493,13 @@ virDomainHostdevDefNew(void) =20 def->info =3D g_new0(virDomainDeviceInfo, 1); =20 + if (xmlopt && xmlopt->privateData.hostdevNew && + !(def->privateData =3D xmlopt->privateData.hostdevNew())) { + VIR_FREE(def->info); + VIR_FREE(def); + return NULL; + } + return def; } =20 @@ -13681,7 +13690,7 @@ virDomainHostdevDefParseXML(virDomainXMLOption *xml= opt, =20 ctxt->node =3D node; =20 - def =3D virDomainHostdevDefNew(); + def =3D virDomainHostdevDefNew(xmlopt); =20 if (virXMLPropEnumDefault(node, "mode", virDomainHostdevModeTypeFromSt= ring, VIR_XML_PROP_NONE, diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 83d49969d3..dee1e85a35 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -364,6 +364,8 @@ struct _virDomainHostdevDef { */ virDomainNetDef *parentnet; =20 + virObject *privateData; + virDomainHostdevMode mode; virDomainStartupPolicy startupPolicy; bool managed; @@ -3588,6 +3590,7 @@ struct _virDomainXMLPrivateDataCallbacks { virDomainXMLPrivateDataNewFunc vsockNew; virDomainXMLPrivateDataNewFunc cryptoNew; virDomainXMLPrivateDataNewFunc graphicsNew; + virDomainXMLPrivateDataNewFunc hostdevNew; virDomainXMLPrivateDataNewFunc networkNew; virDomainXMLPrivateDataNetParseFunc networkParse; virDomainXMLPrivateDataNetFormatFunc networkFormat; @@ -3797,7 +3800,7 @@ virDomainVideoDef *virDomainVideoDefNew(virDomainXMLO= ption *xmlopt); void virDomainVideoDefFree(virDomainVideoDef *def); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainVideoDef, virDomainVideoDefFree); void virDomainVideoDefClear(virDomainVideoDef *def); -virDomainHostdevDef *virDomainHostdevDefNew(void); +virDomainHostdevDef *virDomainHostdevDefNew(virDomainXMLOption *xmlopt); void virDomainHostdevDefFree(virDomainHostdevDef *def); void virDomainHubDefFree(virDomainHubDef *def); void virDomainRedirdevDefFree(virDomainRedirdevDef *def); diff --git a/src/libxl/xen_common.c b/src/libxl/xen_common.c index 890ef11723..e6a372e078 100644 --- a/src/libxl/xen_common.c +++ b/src/libxl/xen_common.c @@ -445,7 +445,7 @@ xenParsePCI(char *entry) } } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->managed =3D false; hostdev->writeFiltering =3D filtered; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; diff --git a/src/libxl/xen_xl.c b/src/libxl/xen_xl.c index e72e7d7f44..42e1408cf3 100644 --- a/src/libxl/xen_xl.c +++ b/src/libxl/xen_xl.c @@ -930,7 +930,7 @@ xenParseXLUSB(virConf *conf, virDomainDef *def) key =3D nextkey; } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->managed =3D false; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE= _USB; hostdev->source.subsys.u.usb.bus =3D busNum; diff --git a/src/lxc/lxc_native.c b/src/lxc/lxc_native.c index 7700804429..a94427b027 100644 --- a/src/lxc/lxc_native.c +++ b/src/lxc/lxc_native.c @@ -376,7 +376,7 @@ lxcCreateNetDef(const char *type, static virDomainHostdevDef * lxcCreateHostdevDef(const char *data) { - virDomainHostdevDef *hostdev =3D virDomainHostdevDefNew(); + virDomainHostdevDef *hostdev =3D virDomainHostdevDefNew(NULL); hostdev->mode =3D VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES; hostdev->source.caps.type =3D VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET; hostdev->source.caps.u.net.ifname =3D g_strdup(data); diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index ac56fc7cb4..85eea1801f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1238,6 +1238,45 @@ qemuDomainNetworkPrivateFormat(const virDomainNetDef= *net, } =20 =20 +static virClass *qemuDomainHostdevPrivateClass; + +static void +qemuDomainHostdevPrivateDispose(void *obj) +{ + qemuDomainHostdevPrivate *priv =3D obj; + + VIR_FORCE_CLOSE(priv->vfioDeviceFd); +} + + +static int +qemuDomainHostdevPrivateOnceInit(void) +{ + if (!VIR_CLASS_NEW(qemuDomainHostdevPrivate, virClassForObject())) + return -1; + + return 0; +} + +VIR_ONCE_GLOBAL_INIT(qemuDomainHostdevPrivate); + +virObject * +qemuDomainHostdevPrivateNew(void) +{ + qemuDomainHostdevPrivate *priv; + + if (qemuDomainHostdevPrivateInitialize() < 0) + return NULL; + + if (!(priv =3D virObjectNew(qemuDomainHostdevPrivateClass))) + return NULL; + + priv->vfioDeviceFd =3D -1; + + return (virObject *) priv; +} + + /* qemuDomainSecretInfoSetup: * @priv: pointer to domain private object * @alias: alias of the secret @@ -3563,6 +3602,7 @@ virDomainXMLPrivateDataCallbacks virQEMUDriverPrivate= DataCallbacks =3D { .chrSourceNew =3D qemuDomainChrSourcePrivateNew, .vsockNew =3D qemuDomainVsockPrivateNew, .graphicsNew =3D qemuDomainGraphicsPrivateNew, + .hostdevNew =3D qemuDomainHostdevPrivateNew, .networkNew =3D qemuDomainNetworkPrivateNew, .networkParse =3D qemuDomainNetworkPrivateParse, .networkFormat =3D qemuDomainNetworkPrivateFormat, diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 3396f929fd..3aac743875 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -461,6 +461,18 @@ struct _qemuDomainTPMPrivate { }; =20 =20 +#define QEMU_DOMAIN_HOSTDEV_PRIVATE(hostdev) \ + ((qemuDomainHostdevPrivate *) (hostdev)->privateData) + +typedef struct _qemuDomainHostdevPrivate qemuDomainHostdevPrivate; +struct _qemuDomainHostdevPrivate { + virObject parent; + + /* VFIO device file descriptor for iommufd passthrough */ + int vfioDeviceFd; +}; + + void qemuDomainNetworkPrivateClearFDs(qemuDomainNetworkPrivate *priv); =20 @@ -1174,3 +1186,6 @@ qemuDomainCheckCPU(virArch arch, bool qemuDomainMachineSupportsFloppy(const char *machine, virQEMUCaps *qemuCaps); + +virObject * +qemuDomainHostdevPrivateNew(void); diff --git a/src/vbox/vbox_common.c b/src/vbox/vbox_common.c index 26c5fdfef6..d2a8cf8da4 100644 --- a/src/vbox/vbox_common.c +++ b/src/vbox/vbox_common.c @@ -3090,7 +3090,7 @@ vboxHostDeviceGetXMLDesc(struct _vboxDriver *data, vi= rDomainDef *def, IMachine * def->hostdevs =3D g_new0(virDomainHostdevDef *, def->nhostdevs); =20 for (i =3D 0; i < def->nhostdevs; i++) - def->hostdevs[i] =3D virDomainHostdevDefNew(); + def->hostdevs[i] =3D virDomainHostdevDefNew(NULL); =20 for (i =3D 0; i < deviceFilters.count; i++) { PRBool active =3D PR_FALSE; diff --git a/tests/virhostdevtest.c b/tests/virhostdevtest.c index aec474a148..a35c1d9402 100644 --- a/tests/virhostdevtest.c +++ b/tests/virhostdevtest.c @@ -124,7 +124,7 @@ myInit(void) =20 for (i =3D 0; i < nhostdevs; i++) { virDomainHostdevSubsys *subsys; - hostdevs[i] =3D virDomainHostdevDefNew(); + hostdevs[i] =3D virDomainHostdevDefNew(NULL); if (!hostdevs[i]) goto cleanup; hostdevs[i]->mode =3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS; --=20 2.43.0 From nobody Mon Feb 2 05:56:45 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1768614256283262.54664014783646; Fri, 16 Jan 2026 17:44:16 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 035B943DBC; Fri, 16 Jan 2026 20:44:16 -0500 (EST) Received: from [172.19.199.3] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 0871A43F40; Fri, 16 Jan 2026 20:40:01 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 7983A41B7C; Fri, 16 Jan 2026 20:39:48 -0500 (EST) Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11010059.outbound.protection.outlook.com [52.101.193.59]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 7F83341B93 for ; Fri, 16 Jan 2026 20:39:44 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by LV2PR12MB999097.namprd12.prod.outlook.com (2603:10b6:408:353::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.6; Sat, 17 Jan 2026 01:39:43 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9520.005; Sat, 17 Jan 2026 01:39:42 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=EyfcmYhC5fg07wGvtwD8TS+TakD9NdqNVU+GqHUjp7pJqXPF531Vo4pqOtLBAtmcnOE1R48xaJ+10dHFfXoEmq0Vw0mQrPBgS7HKnSpyZrvNhgq7nnBE/jn8EhxCSzd/viiQZoVsS2ufE05iCNpkE+we2tx7IFVaiHpJP5XIgOex0PO7Oaad1QdzUehaiKetmugl/MYwLQkjHRyh323vZe+TubzncAfo0l5fACHjUd4DEKYHMrcaXRlV+rrbwE8Vk3DkUm3lRSscrHjDTVWk7UFbStgX1/G2/M3OZHsKEc8GSSMCmVuWazweyCjPnmQNs4ei4b8QuynJ27ebeZLJ5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Zrj3lCkiJYPlH4CTN1LGoEjAjqjGPX9vbiNYOXNvXgY=; b=B5NKBuGGxlIvLerRr3yupWDUa9TpuljIWexJ1ny4p9Xu/WL58vVYFu0gjjNbae4DV53KevUuFZ8quWe1mp7HtLw1NdCD+HWgGVeVrH72YNxEUH5ZRPx29EOvxDPwdOKx9JyxhwCPf3kQrxhAXUX8zBYLqyF52gjBkOpk177kVjrS2Tzp4s2ldSUOkos3KQ2jaOfpC7toFXJHMgz1JVmYKUf8fVg0x8R5XOg0j42EVImNkt2w+ncFYtfFpa0vmZC20pu+j70CgG+OqxsyHiYMUzQfRKo++4nTGOnJ0J+IBz1H6QeQhS4CwP6K97lzbbpn6mLl+4CPtc0diN9Z3nNNUA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Zrj3lCkiJYPlH4CTN1LGoEjAjqjGPX9vbiNYOXNvXgY=; b=seJ3gu+/F8gr4kV8HFaaxnVcfPZCHGKF40TIZMdFQBekhdfwN7B8lQXB9dyb2fAt5eVllnASv4CaM4ktSJ7gvDFYiPoMWCyqJK+Mo/X3LEOQKpCKB20gT7Tcf3+/dfgcVUGzhgbQxUM5ZyILt34Xh9Al6c0hKvAfecuzpChYgm6n93uMMnT/z9dm2M3+9UiigrW2zg+qyTAUBnVYBuVJjISMTIkuNG8z/X6O8fr53/7I5KUiWwVldmKvf+STayzme7KMkFs9hoj41aFVkcalLNnxf39uBmQDT0PHwPloWmCHae69CW/q2edz22MZw+mUBDwaXVrSDooOJk4PM94WQw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v5 3/7] qemu: Support per-process memory accounting for iommufd Date: Fri, 16 Jan 2026 17:39:33 -0800 Message-ID: <20260117013937.3803457-4-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260117013937.3803457-1-nathanc@nvidia.com> References: <20260117013937.3803457-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR03CA0139.namprd03.prod.outlook.com (2603:10b6:a03:33c::24) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|LV2PR12MB999097:EE_ X-MS-Office365-Filtering-Correlation-Id: aa9f66e4-7016-42c4-6a11-08de5569499c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016|18082099003; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?acLXYIm8tgftaeuETgARvGoV5l9V9IlSc2H0ZPj3+Oh7RtRCazjph4ZFFWuw?= =?us-ascii?Q?Wp5E1G9BkxjVZkSweOl2pFHw9HJaHQ5SR8YFucBHc0CfwLNaKOQO9CKSj0+U?= =?us-ascii?Q?5NIKhK6CMXvQlKnWm73AZqrZyNrZt1KQDX9GPYm82pCgdoehbsjZxiAfCWag?= =?us-ascii?Q?3hED5BroG1RVbiO7OjCEMajiZ38SlHuZx9dFzpEoubyIf3QWJto0XlpxJOL2?= =?us-ascii?Q?xxB9M4tbm2p1h40Z+kiLPrcLxBO7zmAKmmFOqfEQBWhWgNBjMYQYGIqhku0b?= =?us-ascii?Q?f3Ij42SzEyUurKjoWaLbxWfW4YZ8CPqe1YVGPu0UqO8aSTAXd6/2031F8SIk?= =?us-ascii?Q?9/uhfXFLoMBqMPjGL2A0IQy436ErJzUv3hNFQfOJL5SBEmthw9HCfb9FVOua?= =?us-ascii?Q?anPi+fxGB4jaZ+U+YvIqu9GcEiGFHhnull8hgX+yQXsb3JVe9Of8oYWpE0Cw?= =?us-ascii?Q?/s1LIjkG1FUsXvv1cI0CXWZeP3aCX0I0O22AVG5sCnlBHiijYtwdcABd805y?= =?us-ascii?Q?zvub5JgGvDTujplWLseahCsS/AZMrrDR8SuupUH/Ll8GscQiFH3YkARoEg5N?= =?us-ascii?Q?nhR621hDJNvslA6asiNbAxWv1W9+/OeF4/6QTazLwaS/K59J5tfJF6NV1d3H?= =?us-ascii?Q?xCvDcSUverNyJRuAvcGLKU33sBQUgjUMiA216XfKTV/o4Xp57EAxdnRKcSXX?= =?us-ascii?Q?S0Bly2+bLr3uGShSxPEt3mfCxosCG6KlObgslDKa/FXbfhiOF+WYhCY5Slr0?= =?us-ascii?Q?5vxYjrQn0bLRLw11aT7t2ihF8x+5qERo7LI3sjDJs1l0V6j+/yRyN4Er7WzG?= =?us-ascii?Q?zGpKmfJYc31In1k+qNi0zLxI+yF7u0bopDXPvIKemj4fKdTQaQ3hUytzplXx?= =?us-ascii?Q?RdKDhbcprrJCzimppId3a27+N4cmUIJWNzOdNot7mEjds6nWuqClBvEa99hB?= =?us-ascii?Q?GdRMSg+dtCiD7h5AVRIkLxAAKvCBKmxLhMPdSLtc7gUldkxDebAXlLToOGL0?= =?us-ascii?Q?WTz1zYTnNbaz8SSKzx7eT9hJrqPEnaZ+y4iiGBss7Gki6P05YazVUY4eSKJ8?= =?us-ascii?Q?+LME8D2VRK0MQFcdKsNi5jRonuD3XUQn4u7hLZVb9f28I0Y1sII6y2O4fe4n?= =?us-ascii?Q?JjYx8XcJ/ljeJu7l7ndfmcByGTaHwpL068MMp4UtaWtU4dRo5g1T0PIenN/2?= =?us-ascii?Q?0Qlmco8zMZm5GzYG83gDxm6EfEz1FYAh/0wv2jSRUdSsZjzS6rGBLQuJIC5f?= =?us-ascii?Q?QKdLoNaZSbx/BGyP41zc2RdQ4hkiXOT2c7/mTbERllDL3vF9pi66ipcreyrk?= =?us-ascii?Q?CyiLH4iNcLOKL9iSHUUWFG7/AQ544IZe+L1dCqwOPRmQ33RUsanv4vjBavBs?= =?us-ascii?Q?OC5oSaNQignaFlI5iL7zb9tzlDu8ckxZZ1DU1TlL2F2DagzWQvGb+ymrkh5s?= =?us-ascii?Q?vlVk1R/mn2o3x0HLemvRbI+Ebt6WfIzlu31f8HXVj14AaqFEE9vWb/qZpRA5?= =?us-ascii?Q?yG93Q5XQUoIHNrj7M/EXNZ4nGCp7AFi4Q78ShCKvjKzSMtrWI6an6nY8FyMh?= =?us-ascii?Q?6K4LKBK5hMA2RT82LS+y2NRQ/Ybg+vtPltxsaSCg?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(18082099003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?vIDgggHQZEjGFb0Vs/LgqraChgxcQXqjEnSU0LqDUM2YU+Qawe53xMkHriAb?= =?us-ascii?Q?XorJqmT5gCYB2k4Q7wGl+TeJzWBxQZDm/4nX9HfrrM5Xybu8pJO5ytvTZTC7?= =?us-ascii?Q?EcflohITD8mXyvcNlX6j8xwvl2aCoo7IN9fMBNM5D3Vf9Yd0hXtJNemhzhcp?= =?us-ascii?Q?KTbQhAjoOO5kQ6bWoq/SHYQlOAeBAZhVKkwPmyN0hkFwj6zMNNaBQu0FCB7b?= =?us-ascii?Q?nb0PQRgy+A4DL11rqkPKGoWE2HQtOewsDSLKJKk2hEWZdw79udMvOvaczeQM?= =?us-ascii?Q?dNN7APOw5XxRQlwhYrFhWVrMzsFQmfuImTn/HWugon32YRjBweBVJEH/lQ/a?= =?us-ascii?Q?nEf2hJVm0mBBrvFdJmpxoYwuk+VL+2xOHD5u3Do2QtCFePE5vei27pNiMHay?= =?us-ascii?Q?DuMtkrox1ZsdRKxlCVu6clYnIq+lkwL10S2CCtQRqQMZWchth9pFESVT20/L?= =?us-ascii?Q?I60bbAJrkVbZ1ggHKeS1G++ZAqZlwWm5GDwqpjo7f3b3VJKKkVyTfbUBqPZH?= =?us-ascii?Q?sh/ozHdExeblxhj3jWyglqoXJuu4io+97FGoswrMAWn5PcRIIUR/AEzuHtcH?= =?us-ascii?Q?LF82fb0JLv17hAcXtsFUjlb3thFekSM4Qz+TeReW/MU/ITWV+8ASH2U6vnpX?= =?us-ascii?Q?Fixu4vR22RBJPTNXUt0Ag5DyGNkUkLj8VL/7CgSNuRLW03bEkuUEgfx+j7lh?= =?us-ascii?Q?FUi9wBsIUoYobTuqfmxLVc4HgQ7Fvcs3QTKjZ52COK+n98VIvEx26TF0GjQL?= =?us-ascii?Q?AihkAO35bsAqmSF5c977j49K76kb2YqnHIrr8a+545u7UBB2dXbm+Jt6bG9k?= =?us-ascii?Q?ly8E2bKGAXqzb5/AZE6OriXqGFWUPK0X5LLMVI7gDamWp85HR+8n/TdMfuI5?= =?us-ascii?Q?goRELCLlqOtpcHKuNomB/eqyFhXIDcpzxP8w5MT/egKPOAUScTq0fLIYZf4l?= =?us-ascii?Q?nV7GDRb787tvFhleFjSquA1l9nKIDIxdLowXW6ooQdzwuwFzvl71fMjD5yiD?= =?us-ascii?Q?fOgqvEDBFBayNMlqeKH4MdBVxXQ7bm2NqUCxElJx5LmohY78S90NwBb/Tbuf?= =?us-ascii?Q?x1Yi7IaBMOVp14rkg2/57pOp8yTS61FcIwIXz8/f9JHDwsE0XlEyQB/wcrU0?= =?us-ascii?Q?TnLIAXc+unggFeD4sStn6ZsY03QjVsTEGslfvZNpPcoWcU5FWamOHAin62cQ?= =?us-ascii?Q?Vzghgb/b7wCEhaob5soUcTZAk0FWwM9o7qe/JOPIiwxNRzEc157qq0OLIBp3?= =?us-ascii?Q?L+4XEjaH5gkhSoz8kkD0OILnG4ZCxo/HU2i2hN4W5fQQMjZ1o7NaVHxF5UKh?= =?us-ascii?Q?yr+mqO2XUj/z5LCZ6o/Bz/G1Y2aYIyXaMPGR/jDAB71fFp9lFa+tlw4RgUqH?= =?us-ascii?Q?+kS3Cmr9jgyg7RIvhkZYEWr54kgecAIzLL0ActQsTz3CbtEjs0XHFvQ3GFh6?= =?us-ascii?Q?YC9eQYVNWjWP7oQ2Dk05S3KnunSAiNQvox7Vrzh/7aRSRMchEqH5M087vorv?= =?us-ascii?Q?/Zbr0hvAWpp6Myqe6dUXroczzye54FI9s/iAQuXebYL+vXyqYAqwu36A+svS?= =?us-ascii?Q?IRvN6fpkmVP+DM1DRHpx5aeWtLueEkh/ZvzhL3CEx2TDT6wlJrxTpkS8/46c?= =?us-ascii?Q?ESMKoipPTpuDwoOzsMPN+z9Qzl6AQu9Z5g1SztA28XD/KXwZis0dJZGeOfNg?= =?us-ascii?Q?w9AWWGRbH+aGOs3L7je6lfwwNy2t/fzukVEd5CD2n98daKR9Nc8a9eLSAfs0?= =?us-ascii?Q?5MOcWNTIlg=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: aa9f66e4-7016-42c4-6a11-08de5569499c X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2026 01:39:42.9325 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bKBUyoBi/2h3a+mwNptBNFS2QTLot6HmFqC+pvouieTwnGFbp00qbRkkFG+D8k5H17SCxSFHueZKiCMxkCvWTw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB999097 Message-ID-Hash: CLTAR6MWCN4PGCXT3AFDCFWV6I57DL3F X-Message-ID-Hash: CLTAR6MWCN4PGCXT3AFDCFWV6I57DL3F X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1768614280328158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen Implement the IOMMU_OPTION_RLIMIT_MODE ioctl to set per-process memory accounting for iommufd. This prevents ENOMEM errors from the default per-user memory accounting when multiple VMs under the libvirt-qemu user have their pinned memory summed and checked against a per-process RLIMIT_MEMLOCK limit. Signed-off-by: Nathan Chen --- meson.build | 1 + po/POTFILES | 1 + src/libvirt_private.syms | 3 ++ src/util/meson.build | 1 + src/util/viriommufd.c | 111 +++++++++++++++++++++++++++++++++++++++ src/util/viriommufd.h | 25 +++++++++ 6 files changed, 142 insertions(+) create mode 100644 src/util/viriommufd.c create mode 100644 src/util/viriommufd.h diff --git a/meson.build b/meson.build index 964d1fa4e1..a6db70f13e 100644 --- a/meson.build +++ b/meson.build @@ -732,6 +732,7 @@ headers =3D [ 'ifaddrs.h', 'libtasn1.h', 'linux/kvm.h', + 'linux/iommufd.h', 'mntent.h', 'net/ethernet.h', 'net/if.h', diff --git a/po/POTFILES b/po/POTFILES index f0aad35c8c..c78d2b8000 100644 --- a/po/POTFILES +++ b/po/POTFILES @@ -303,6 +303,7 @@ src/util/virhostuptime.c src/util/viridentity.c src/util/virinhibitor.c src/util/virinitctl.c +src/util/viriommufd.c src/util/viriscsi.c src/util/virjson.c src/util/virlease.c diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 6bffd2eb6d..7fa76a1ec3 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2646,6 +2646,9 @@ virInhibitorRelease; virInitctlFifos; virInitctlSetRunLevel; =20 +# util/viriommufd.h +virIOMMUFDSetRLimitMode; + # util/viriscsi.h virISCSIConnectionLogin; virISCSIConnectionLogout; diff --git a/src/util/meson.build b/src/util/meson.build index 4950a795cc..9fb0aa0fe7 100644 --- a/src/util/meson.build +++ b/src/util/meson.build @@ -46,6 +46,7 @@ util_sources =3D [ 'viridentity.c', 'virinhibitor.c', 'virinitctl.c', + 'viriommufd.c', 'viriscsi.c', 'virjson.c', 'virkeycode.c', diff --git a/src/util/viriommufd.c b/src/util/viriommufd.c new file mode 100644 index 0000000000..225c76f4b2 --- /dev/null +++ b/src/util/viriommufd.c @@ -0,0 +1,111 @@ +#include + +#include "viriommufd.h" +#include "virlog.h" +#include "virerror.h" +#include "virfile.h" + +#ifdef __linux__ + +# include +# include + +# ifdef HAVE_LINUX_IOMMUFD_H +# include +# endif + +# define VIR_FROM_THIS VIR_FROM_NONE + +VIR_LOG_INIT("util.iommufd"); + +# ifndef IOMMU_OPTION + +enum iommufd_option { + IOMMU_OPTION_RLIMIT_MODE =3D 0, + IOMMU_OPTION_HUGE_PAGES =3D 1, +}; + +enum iommufd_option_ops { + IOMMU_OPTION_OP_SET =3D 0, + IOMMU_OPTION_OP_GET =3D 1, +}; + +struct iommu_option { + __u32 size; + __u32 option_id; + __u16 op; + __u16 __reserved; + __u32 object_id; + __aligned_u64 val64; +}; + +# define IOMMUFD_TYPE (';') +# define IOMMUFD_CMD_OPTION 0x87 +# define IOMMU_OPTION _IO(IOMMUFD_TYPE, IOMMUFD_CMD_OPTION) + +# endif + +/** + * virIOMMUFDSetRLimitMode: + * @fd: iommufd file descriptor + * @processAccounting: true for per-process, false for per-user + * + * Set RLIMIT_MEMLOCK accounting mode for the iommufd. + * + * Returns: 0 on success, -1 on error + */ +int +virIOMMUFDSetRLimitMode(int fd, bool processAccounting) +{ + struct iommu_option option =3D { + .size =3D sizeof(struct iommu_option), + .option_id =3D IOMMU_OPTION_RLIMIT_MODE, + .op =3D IOMMU_OPTION_OP_SET, + .__reserved =3D 0, + .object_id =3D 0, + .val64 =3D processAccounting ? 1 : 0, + }; + + if (ioctl(fd, IOMMU_OPTION, &option) < 0) { + switch (errno) { + case ENOTTY: + VIR_WARN("IOMMU_OPTION ioctl not supported"); + return 0; + + case EOPNOTSUPP: + VIR_WARN("IOMMU_OPTION_RLIMIT_MODE not supported by kernel= "); + return 0; + + case EINVAL: + virReportSystemError(errno, "%s", + _("invalid iommufd option parameters"= )); + return -1; + + case EPERM: + VIR_WARN("Permission denied for IOMMU_OPTION ioctl. " + "Per-user-based memory accounting to be used by d= efault."); + return 0; + + default: + virReportSystemError(errno, "%s", + _("failed to set iommufd option")); + return -1; + } + } + + VIR_DEBUG("Set iommufd rlimit mode to %s-based accounting", + processAccounting ? "process" : "user"); + return 0; +} + +#else + +int virIOMMUFDSetRLimitMode(int fd G_GNUC_UNUSED, + bool processAccounting G_GNUC_UNUSED) +{ + virReportError(VIR_ERR_NO_SUPPORT, "%s", + _("IOMMUFD is not supported on this platform")); + return -1; +} + +#endif diff --git a/src/util/viriommufd.h b/src/util/viriommufd.h new file mode 100644 index 0000000000..ebecfe3633 --- /dev/null +++ b/src/util/viriommufd.h @@ -0,0 +1,25 @@ +/* + * viriommufd.h: iommufd helpers + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#pragma once + +#include "internal.h" + +#define VIR_IOMMU_DEV_PATH "/dev/iommu" + +int virIOMMUFDSetRLimitMode(int fd, bool processAccounting); --=20 2.43.0 From nobody Mon Feb 2 05:56:45 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1768614310273982.3723481642204; Fri, 16 Jan 2026 17:45:10 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 62ED143DE8; Fri, 16 Jan 2026 20:45:09 -0500 (EST) Received: from [172.19.199.3] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id E59A743F80; Fri, 16 Jan 2026 20:40:03 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id D561B41B54; Fri, 16 Jan 2026 20:39:49 -0500 (EST) Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11010023.outbound.protection.outlook.com [52.101.193.23]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 02F6341B92 for ; Fri, 16 Jan 2026 20:39:46 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by LV2PR12MB999097.namprd12.prod.outlook.com (2603:10b6:408:353::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.6; Sat, 17 Jan 2026 01:39:44 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9520.005; Sat, 17 Jan 2026 01:39:44 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=I/WRQzCz9vCzZwaGzwj7itC9VY8H2CaDstoAtH2yJEbgM3Z0oNaYrcigFkN8CXnQIP/1s6MLr6hxOYXS9kKpcNAYgo+ouVShCb7+P+iGJBzaFrlZ+hkiR1F/lUEhG2CCzDyRusX9Mhe4vjQHYHLoBA8QYwNyZELa8/30l+KaenhUKrPS+gA38Hb6X+Sfr5LAichidDqUcdXRqsLq9ggqW+b7TaxczUsPDnj4igdznZwxrwzUBVGmdkslBhu9Q4EViUppI+cbV06jCYYy97vyKczabGLkRIOyz9GeDCS+XpwWBOEXf6pmHzCyGQ+zjFd37EYv0Q97j9euSNpOXsu9mw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BZUe6gbwUh+wW43aJKqMA+B4I0R8z/WT1vh+GaO0YfA=; b=aVhbL9Fzs4czAIUEVW815frrXpcl+E2F1rCVMOqV0VwtimJoTSaeA/tlVdGpEOn7vjCayFkDICnV1Y3bU3RJv7W2mNIMxGFtKA1xq324LAlGIf6JJH/kV9A5yg7TvV+5PDL4c91Y7buYy2DbNe3qsiyXG33n+V4pdx3Heq4aXN6FBo5WNgwNI53gSoNv3UfQiKUbRqZTuZmLpxHc2XSd2tZjOD6owWZPRhvCQOeRbFo2DkizntJ9vA7Sr7tW8ouRXlRzL2g4PCFSsWSJxLcgkO3u3skQ89hOsA6+8jKTTdl1SgaF7wmmLoXcUCrfkS7vfTLfWShAH9JBFKHyv0OZnw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BZUe6gbwUh+wW43aJKqMA+B4I0R8z/WT1vh+GaO0YfA=; b=fN4ObuxS6z6SBp/9YitL12zWVkUWpDWW/0KwQGKoIAjOgCAvoQ3Abwme+g70j2jKKTu3TQ0M9v31FcPsU2hiB7juvOP5a9RqvetmnqYwQsqlMJljtH0ZQcUR74s8Xx1YVbJ2w27TPQCYM+Fwhz+Be+eKBg/svRLK0ydFdTO0T6cnHIwcqsVSmEogifTJtskjNqvInUCZY1CDzHdSoEGyCK3lAk2qI7ZP/f0VQslN2aFn+D64nE2DGTLayYTHilmx0NtZeAl+/7XOD+CHUQdlQvb73SM25wBNGXwNwn/JsHtVU8NjC/Cnzj0EK78kG56baiT3JMc6Y240otXAQhGelw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v5 4/7] qemu: open VFIO FDs from libvirt backend Date: Fri, 16 Jan 2026 17:39:34 -0800 Message-ID: <20260117013937.3803457-5-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260117013937.3803457-1-nathanc@nvidia.com> References: <20260117013937.3803457-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR13CA0134.namprd13.prod.outlook.com (2603:10b6:a03:2c6::19) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|LV2PR12MB999097:EE_ X-MS-Office365-Filtering-Correlation-Id: fd4aaf64-945c-41c7-0567-08de55694a68 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?utf-8?B?SzhJVU44NXFETC9NNkRPcVpscmNIVkRVNGtYU0I3aFdDSzhmZlpVd0ZjRGVT?= =?utf-8?B?Ly9HTTZOeWdJS2JQYkNoZ0I4ZVpwQWRQRzAzVktJeXFCRGFoS1dUdzhjSHpP?= =?utf-8?B?UDRNaWJZYm1ucVpkeHBNWFBHTTlDM1dtVGlOU2FlUElWTmRVdDBEMkZOV1lC?= =?utf-8?B?M3NQaXFXUjI2azcxdy9vb2NkOXFuWmNaS1NBd0F1RGRVb3BPY1NZNDBpMElU?= =?utf-8?B?WHdWVGcxTE5pb0Q5c3hxK3Exd2dTUHJHcHRLN0lSMHF1a1p5dXlOLytRQVBj?= =?utf-8?B?VDhYVW1LbTQrRHNIR2RBS245eEhHTTRBaHh6Yk5xWWkzT2V2VEtzNzUzcVdO?= =?utf-8?B?NGwzWkdvMGdUbXRIYW1BUTRkQlorWmVkQlRWUW1GM0hOWThmU0taSlg4bHJB?= =?utf-8?B?Ny9sVmpPUW91ZUVRVWtwUXRDOFRwZWdhMjc3V2YzaFNEOFBVR0FPZWg2TFZp?= =?utf-8?B?bU1lci9Kd1BwS0pGY2RNZkhCN3Y4cXp6QkhOVjk5RDBLRnNFc1NLbGE2M2Nn?= =?utf-8?B?QjJiSG5IWm1WUkZ5RkUyNVU2c05HeExWT1dhazRIdGloTTF5VXFEMnRZMzdB?= =?utf-8?B?QTNDb0ZheVhmeWdveDJLeU9zSnhHeUpndVpjek1VNUtQanNISXhYa0VBZk1F?= =?utf-8?B?N0lvNmVZdElxMXRNemIwSVRXZEpFdEpxT0d3U2VsN1NQb0luNDJETXN0SmdK?= =?utf-8?B?OUYveDBHeUZBaEhHUVlUa2dMb0JDb1VVa3NjOWpZR1VZbVpsSDdWWFpEVmtV?= =?utf-8?B?SW4wbEJxS1cwelphNXAxWFFOZ05wTnE2aUVRQll2WXdiTUxnUGVIdUdUSGFo?= =?utf-8?B?YUxjRkh3eGZ2MmdrL0JVdHlLUHRZVjhhbHhjblJIeDc1YkcraWtGSjdLT0xE?= =?utf-8?B?d013SnNLNG5PUC9KZ25qSkxObU1Kbis0LzVtbXl4dUVldWlZTnh3S3NnUUNo?= =?utf-8?B?ejFOQVF2N1kzclF0azNBYzhPNm5VeTA5eWF0bTdUU1AvalAyQTAyWGpkOTF5?= =?utf-8?B?OEkvdTZGSWNFWXBSaGgvSWJVSzY1NU9RTWRZcEJhQWxZSUtPcE9hZjgwMDcy?= =?utf-8?B?MnNGd05KV0RGVDR1ekx6VFcvUXhIWlRoSXVkU3Y2NlZsYXNyYlVQd3NacE1t?= =?utf-8?B?REFKSnBZTXNpZzQrUzhPWUNla2F6bUl0d1RyenhTZ1R5Z1lIeGkzdDhHR3hi?= =?utf-8?B?ZUNkdFU5ZDdDVVlEb0pXZFVwWWlRTTRibXlKRVc5cWVCbWZPSGVxeFgvZERm?= =?utf-8?B?L2xqSUt1dVVrRTRDaEUySWtCcS9QU2dMR1prR0d4UnFxVmtFOG5Nc2sycThW?= =?utf-8?B?eE1YU2pVQmlneFpHVytRS1JwVGplWStOenFNSWVnS3FCMUF5YXpJZXZxaDZ0?= =?utf-8?B?TXZtc3VPbzBUY2FLUzg3bmR2VTBMV3ZubXV0aGNLT2puTVhTOTBOajNnUTZL?= =?utf-8?B?eHhZNC9uaDdRR1BsUENZUG1tSU9aNDRNTElqbmRyc1NDZWhUamZYeVcwSFA1?= =?utf-8?B?VXFYOHFlc0N1ZDF1Y1B3aWlCWTRwM3ptdjEwT1EzSzRYczJ6ZENSbXRNZUcy?= =?utf-8?B?Vzd3dVBqYlRPYmQ3aWlBVml5VW0wMmFRZjE3YXBlZGhqalFQVHNRTzRIZSto?= =?utf-8?B?aEQxK1d6aVhpYVVyZk1wU3FrbFlpSzg1RWV5eERCNWI0ZFpuaFN4YVk3cEV5?= =?utf-8?B?bk92bHBQUUR0RWtwTFVxazRidUhWNkxIOHNnL0NaS0h6bjBUREJPTnRHc08y?= =?utf-8?B?Q01jKzgyRXErZ2JqbWhyNm5VSmRyNzhyZCs4V0k2K1hzd1FadkRISFJzT213?= =?utf-8?B?OHJ0WjU0M2dPTVdDbXNQSjdKWDJPWjgzQUZDR3lFOGFHck54V2s4aEd0ZDJ6?= =?utf-8?B?Y3VFVDZ6ek5UQmlENWY2R01oVHlhY1FmNTkybVBvdnRsdlU4SkRZSlRPRmx2?= =?utf-8?B?MStaRjlTVVlMYkpvcHBxWktOQ1VWS3hIQWhnekZSZWZzamhZbCtpWGhkdXJz?= =?utf-8?B?TVUxa3VqL0hmcFlFR3Q0UGxJbldCNVgzaXN6TjRwcG5tTm0xZUx0bWdoZ3pV?= =?utf-8?B?V25zQUh1RWg2VFFwbTdVUmFBMktJZEc3b29KajlEd21HajVHVmtmY3dFYTBo?= =?utf-8?Q?fcS0=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?VnRoK2pTa1lGcThqZ2NKaDFRUUEyNFFrVHdrcVV2dHZWODVFZjIrbVdXMFdO?= =?utf-8?B?R2t6VGJieEpxWVRPSGhUOGFiVWZ4d0I1cXNHSVUydW91emZFZjlJblNxY29p?= =?utf-8?B?Mlg1dWVoNmExN1ZzcEFMZWNHME1XMmF5TE5sSEhnREV5aXY5UzNEdjVOQ1dv?= =?utf-8?B?aDRVWHh3dVZJc0pCQjZRZGZubC9PbzFub244U0Yvd1BMVm0vYXZtL0xFcUNm?= =?utf-8?B?NGpOU0lzTGhobzMyUi9SbWo3UFJVTTRVcGpmMm9LS1BHVTEyWGQ1bGw5ck11?= =?utf-8?B?ZVRmZzhPQXFlS0ZxZWZJaXV1U1dOZnZrQy9ReXZsSS9tTVExaDJuS01zbDUr?= =?utf-8?B?ODRiNFNnenNDK0N3UEY4eGJhQ1JqRGh2c0xYU1pyejI2ME45UUR2aVlDeExi?= =?utf-8?B?by9ObjNRWnIxYjJzVXdOeS9jKzFoejJGQ1Vsa2pob2ZXVGlwcU1TV3B6Q1I5?= =?utf-8?B?VjNVYS9WQ210MytWY3ZjNENFaXhvb3BoanRDMWNKWDVGdDNuRXRoWFNFSTA4?= =?utf-8?B?bmZnUE1HTEQrWjNIc1k1VXM5ZUV4Y0Z4OGtVMkdaNThPTVUwb1V2R2JSQW8y?= =?utf-8?B?WVREUHRkZ3RoNjBQQ1dJQ05aVXdVWU1BQjh5T2RKTFZsejFiUDFuQWRSaFVa?= =?utf-8?B?dDJRZTdpS2pvazF4ZXltQ3AzTm9JL0RWUkhCZGRkWmhaNExYcVIwc2hRT0xQ?= =?utf-8?B?UHNnNXVEMHllWWpDenNVR0hrOVhxcEpueDVSM2w2NkFOd1NnT0dQUkpPQThs?= =?utf-8?B?UzZBU2t3ZG41R0tvSjkwTzRwbllBQzJtWk5rampEVVVEOURYbUNZbVV6U0ZU?= =?utf-8?B?UXo2bmRueTNTdzdoWUtlSUw3dWxQUkJWUUhzWnFuaGVxajZBQ2pjZVhQdnVp?= =?utf-8?B?dDRaRjNCcXdvYjdoUTlRM2cvbDRYeWs2d1RYRTViamVwMXZEUVl4K3RhVWd4?= =?utf-8?B?dWVyLzBxWjd0L0REYkRrbnAzaUNkMTlKRlI3RFU2RElIcU5qbFpyeG05YVcv?= =?utf-8?B?MjVhUTlaQTBNaUJ6RHBKbTkyblhuanZ6ZXRpcG8rMkdoNjFOQ0Y0MElwNWg0?= =?utf-8?B?MVF2ZmEzWGNkaXR6TWRWYmd0TWRFWFBwM3ovUElFc1RhNkV2aXhJWjFHcGdj?= =?utf-8?B?Ump3S3ltckp6MzhXbEF3L1JDNUV0SFcxeWhwbkQ4d2orNUNyNDlNclN1b3VV?= =?utf-8?B?cExtaXBoazF1TzU3SzA4MGNsc281ZEkvSHBhL3pXRVVqWUkxL2I2Q3dTWm95?= =?utf-8?B?akFwWnpNWHFqb2NpcElqOWw2eFpSL2VyV0JqTFIrdXU3ak9WYkZsb0Z0S0Y4?= =?utf-8?B?cEdoSXQybUErc0l2WjVBZC9LNWlPTURSc09qV1c2VjZ0bElmcFNZcFBnMU8z?= =?utf-8?B?Yk5nSlpubUhrOVNVc25sQU1iWFhNbXZ4aGZJdXMzRjBielp4c1hCL2JmV0lJ?= =?utf-8?B?aTdjQjRhYlFPb3JCNGJwSWhLd21ETUhrRFVLcjFGb2Y3enBERyt2Z0pLZVhq?= =?utf-8?B?NnQ4SGN4RGwyVFo3N20rWDAyckJEclFYdktwcHZmMWZqdzFMUUp1TmtsU1Ns?= =?utf-8?B?SS9wSncwZ0ZmYVM3b3UybVRraXU4VDVMLzEyT3BGS0U4ZW9hN0EySEdDL2JS?= =?utf-8?B?Yzd2SFNtZGR0eFdKSjFwYU1OeDJYZENvelMxSUFtMlJKMFJGV2g5cUxkTEhL?= =?utf-8?B?Y1BaVWxNNmxFb2RucGhBOHVYV2hjcUhyR3hNUWhjODJqTDJXcU9hTjI4aytL?= =?utf-8?B?ZjVSWUVrb1ROaW5hWENUUklTZDVPVzA4bGNvRTVoQUx1eDJDMlhJRFN6UjY1?= =?utf-8?B?REVlenB3N3VMUVFrVnBPbDJkbU9XRGMzTUR5TVcxOXJtZHMxb2VWamNwaXFR?= =?utf-8?B?OW1wRXZTeXY1cXVIV3ZNRE1SbmFsTUNnQ29SYWYrZkF5b0xFT2c0TnBmcUd2?= =?utf-8?B?dTRqa0pHZjdmZDdRWmZBMEhJUko0V1U5NEdGcDQ3ZzJHUmF0RWluZURQNkJh?= =?utf-8?B?Tlk4cHJVODdTdHd3SnVmbDRLd2t6SGkweHFXb3plWmhZdHZMS0lhYm5iZHpI?= =?utf-8?B?c280YnR4dzhzOTVDNkR2ZUQzSncyVFVIWjhWV1l1bXNFbEwxd3VlR1o3djVp?= =?utf-8?B?WG85TDRiWU9QUlNIeS9UOFlNaXpmaU5xeEFuaVFMUmhvTkRGUi9hSjBEQWJz?= =?utf-8?B?N1pydXlwN3lvZlQvK2tOcFJuZEN6YUhpYUJJMDJiOWcwSXZsZUVlendsMzJD?= =?utf-8?B?cXg4TXpJcXk3L1VPOWk4MzVOTVJUOHNveW8xOHJLam9zL3AvMWtqd3M5T2Zx?= =?utf-8?B?dVpHZ3ZORkJuUjFHbmg2dFR3R3FLMUp0WUszYzNLRnVNSU9ZZjhqZz09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: fd4aaf64-945c-41c7-0567-08de55694a68 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2026 01:39:44.2687 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: DbRgdOceXoVJBJXolae6sclytc4Xc3SEJlHrCA5czNoa+OU0WaElLI+G9kOVn1EYk7qh5/X+P//5diivILotTw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB999097 Message-ID-Hash: HSC2F72IEJBEVSUA6THYWMBV5ODS6ZFL X-Message-ID-Hash: HSC2F72IEJBEVSUA6THYWMBV5ODS6ZFL X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1768614311490158500 From: Nathan Chen Open VFIO FDs from libvirt backend without exposing these FDs to XML users, i.e. one per iommufd hostdev for /dev/vfio/devices/vfioX, and pass the FD to qemu command line. Suggested-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen --- src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 21 +++++++++++ src/qemu/qemu_process.c | 78 ++++++++++++++++++++++++++++++++++++++++ src/util/virpci.c | 39 ++++++++++++++++++++ src/util/virpci.h | 2 ++ 5 files changed, 141 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 7fa76a1ec3..d81b30f0b6 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3156,6 +3156,7 @@ virPCIDeviceGetStubDriverName; virPCIDeviceGetStubDriverType; virPCIDeviceGetUnbindFromStub; virPCIDeviceGetUsedBy; +virPCIDeviceGetVfioPath; virPCIDeviceGetVPD; virPCIDeviceHasPCIExpressLink; virPCIDeviceIsAssignable; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 5274b33d17..406f14831c 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4810,6 +4810,18 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, NULL) < 0) return NULL; =20 + if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO= && + pcisrc->driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES) { + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOSTDEV_PRIV= ATE(dev); + + if (hostdevPriv->vfioDeviceFd !=3D -1) { + g_autofree char *fdstr =3D g_strdup_printf("%d", hostdevPriv->= vfioDeviceFd); + if (virJSONValueObjectAdd(&props, "S:fd", fdstr, NULL) < 0) + return NULL; + hostdevPriv->vfioDeviceFd =3D -1; + } + } + if (qemuBuildDeviceAddressProps(props, def, dev->info) < 0) return NULL; =20 @@ -5254,6 +5266,15 @@ qemuBuildHostdevCommandLine(virCommand *cmd, if (qemuCommandAddExtDevice(cmd, hostdev->info, def, qemuCaps)= < 0) return -1; =20 + if (subsys->u.pci.driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES)= { + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOST= DEV_PRIVATE(hostdev); + + if (hostdevPriv->vfioDeviceFd !=3D -1) { + virCommandPassFD(cmd, hostdevPriv->vfioDeviceFd, + VIR_COMMAND_PASS_FD_CLOSE_PARENT); + } + } + if (!(devprops =3D qemuBuildPCIHostdevDevProps(def, hostdev))) return -1; =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index a53bb40783..2841856454 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -103,6 +103,7 @@ #include "storage_source.h" #include "backup_conf.h" #include "storage_file_probe.h" +#include "virpci.h" =20 #include "logging/log_manager.h" #include "logging/log_protocol.h" @@ -7670,6 +7671,81 @@ qemuProcessPrepareHostBackendChardevHotplug(virDomai= nObj *vm, return 0; } =20 +/** + * qemuProcessOpenVfioDeviceFd: + * @hostdev: host device definition + * @vfioFd: returned file descriptor + * + * Opens the VFIO device file descriptor for a hostdev. + * + * Returns: FD on success, -1 on failure + */ +static int +qemuProcessOpenVfioDeviceFd(virDomainHostdevDef *hostdev) +{ + g_autofree char *vfioPath =3D NULL; + int fd =3D -1; + + if (hostdev->mode !=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS || + hostdev->source.subsys.type !=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PC= I) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("VFIO FD only supported for PCI hostdevs")); + return -1; + } + + if (virPCIDeviceGetVfioPath(&hostdev->source.subsys.u.pci.addr, &vfioP= ath) < 0) + return -1; + + VIR_DEBUG("Opening VFIO device %s", vfioPath); + + if ((fd =3D open(vfioPath, O_RDWR | O_CLOEXEC)) < 0) { + if (errno =3D=3D ENOENT) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("VFIO device %1$s not found - ensure device i= s bound to vfio-pci driver"), + vfioPath); + } else { + virReportSystemError(errno, + _("cannot open VFIO device %1$s"), vfioPa= th); + } + return -1; + } + + VIR_DEBUG("Opened VFIO device FD %d for %s", fd, vfioPath); + return fd; +} + +/** + * qemuProcessOpenVfioFds: + * @vm: domain object + * + * Opens all necessary VFIO file descriptors for the domain. + * + * Returns: 0 on success, -1 on failure + */ +static int +qemuProcessOpenVfioFds(virDomainObj *vm) +{ + size_t i; + + /* Check if we have any hostdevs that need VFIO FDs */ + for (i =3D 0; i < vm->def->nhostdevs; i++) { + virDomainHostdevDef *hostdev =3D vm->def->hostdevs[i]; + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOSTDEV_PRIV= ATE(hostdev); + + if (hostdev->mode =3D=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS && + hostdev->source.subsys.type =3D=3D VIR_DOMAIN_HOSTDEV_SUBSYS_T= YPE_PCI && + hostdev->source.subsys.u.pci.driver.name =3D=3D VIR_DEVICE_HOS= TDEV_PCI_DRIVER_NAME_VFIO && + hostdev->source.subsys.u.pci.driver.iommufd =3D=3D VIR_TRISTAT= E_BOOL_YES) { + /* Open VFIO device FD */ + hostdevPriv->vfioDeviceFd =3D qemuProcessOpenVfioDeviceFd(host= dev); + if (hostdevPriv->vfioDeviceFd =3D=3D -1) + return -1; + } + } + + return 0; +} + /** * qemuProcessPrepareHost: * @driver: qemu driver @@ -7725,6 +7801,8 @@ qemuProcessPrepareHost(virQEMUDriver *driver, hostdev_flags |=3D VIR_HOSTDEV_COLD_BOOT; if (qemuHostdevPrepareDomainDevices(driver, vm->def, hostdev_flags) < = 0) return -1; + if (qemuProcessOpenVfioFds(vm) < 0) + return -1; =20 VIR_DEBUG("Preparing chr device backends"); if (qemuProcessPrepareHostBackendChardev(vm) < 0) diff --git a/src/util/virpci.c b/src/util/virpci.c index 90617e69c6..2348a98003 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -3320,3 +3320,42 @@ virPCIDeviceAddressFree(virPCIDeviceAddress *address) { g_free(address); } + +/** + * virPCIDeviceGetVfioPath: + * @addr: host device PCI address + * @vfioPath: returned VFIO device path + * + * Constructs the VFIO device path for a PCI hostdev. + * + * Returns: 0 on success, -1 on failure + */ +int +virPCIDeviceGetVfioPath(virPCIDeviceAddress *addr, + char **vfioPath) +{ + g_autofree char *addrStr =3D NULL; + g_autofree char *sysfsPath =3D NULL; + g_autoptr(DIR) dir =3D NULL; + struct dirent *entry =3D NULL; + + *vfioPath =3D NULL; + addrStr =3D virPCIDeviceAddressAsString(addr); + + /* Look in device's vfio-dev subdirectory */ + sysfsPath =3D g_strdup_printf("/sys/bus/pci/devices/%s/vfio-dev/", add= rStr); + + if (virDirOpen(&dir, sysfsPath) =3D=3D 1) { + while (virDirRead(dir, &entry, sysfsPath) > 0) { + if (STRPREFIX(entry->d_name, "vfio")) { + *vfioPath =3D g_strdup_printf("/dev/vfio/devices/%s", entr= y->d_name); + return 0; + } + } + } + + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot find VFIO device for PCI device %1$s"), + addrStr); + return -1; +} diff --git a/src/util/virpci.h b/src/util/virpci.h index fc538566e1..24ede10755 100644 --- a/src/util/virpci.h +++ b/src/util/virpci.h @@ -296,6 +296,8 @@ void virPCIEDeviceInfoFree(virPCIEDeviceInfo *dev); =20 void virPCIDeviceAddressFree(virPCIDeviceAddress *address); =20 +int virPCIDeviceGetVfioPath(virPCIDeviceAddress *addr, char **vfioPath); + G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIDevice, virPCIDeviceFree); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIDeviceAddress, virPCIDeviceAddressFree= ); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIEDeviceInfo, virPCIEDeviceInfoFree); --=20 2.43.0 From nobody Mon Feb 2 05:56:45 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1768614364791144.52739117039948; Fri, 16 Jan 2026 17:46:04 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id E38B341C17; Fri, 16 Jan 2026 20:46:03 -0500 (EST) Received: from [172.19.199.3] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id BD07343FFE; Fri, 16 Jan 2026 20:40:05 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 6A77941B4F; Fri, 16 Jan 2026 20:39:50 -0500 (EST) Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11010042.outbound.protection.outlook.com [52.101.193.42]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 2D33741B4F for ; Fri, 16 Jan 2026 20:39:47 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by LV2PR12MB999097.namprd12.prod.outlook.com (2603:10b6:408:353::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.6; Sat, 17 Jan 2026 01:39:45 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9520.005; Sat, 17 Jan 2026 01:39:45 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Ql4ZOAkte1U/PP/QBv//RgvPJ2iw+zH8NL/g4mXZ/Y+4slIr45OjO6nAdtd3eZkcGYyLnzc5GbcKnfi6E1aPjey7OlrDY/xA+MRqZjnbJzy2EMRkT4EBffdoryuu/WE4thEQOMZqCESkk1OwS12tkzQ0tPBz9o9yOQV4XBZhuL4fko0MAkoNX3NWkzuNW81ZOzcnbmaYIyysHgE2cghKU3Fh5qI/rQ2b42GMg0oac23R+SuDprC79c3aR3MjBhHl82cadrNB/uSD0MndDoAbGRzQD/T6nDGIo57Oc82HArSCGv0k9xHVVVBz7oZLP2lYz4i0x0CidNnp5C0OvGJMBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UtHRTa/+b7wbTjqV4Ket7/e68DPOkgeg9Kb3tbMhFks=; b=yC0X27o/CCONdy8B2p48BIpkZAyGYujhDIkGkGmhbVEIRMioo8xWsaT3oBlDLNvObB9/2vCcON4Ez14WtEE7NtoXU5LtL09LcG5X7GhlnNlEnppZnbnCmfodwmNNv5pTXHZr8fcqlg34zo/7C+ygyshOjcayojkkrpy0W1BtX3K8wXxfpzq7HbhBI0e2V2EPTExaSbndBkqN1j10lmfMSYXG1nk97q6cloYDqJzuMrGjPlc8GfS75omNKP8Jh6Nqa/evrq14mb1XQb+4Q2lpXOFysMgMsoYgBoYLNqGYjHZ0mAayP1F+TG10XHlpnO5Z2e9EP8T9AujVjSgslD7FAg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UtHRTa/+b7wbTjqV4Ket7/e68DPOkgeg9Kb3tbMhFks=; b=swUqCf5ovRVvI+gli5cZPIXQv2mntiP3ylff/RqyGD2ouV8Kqbx3I3ldCjLyD0bV5d6IwGzfA8nTQbO8yPBlGBD9nCZk72UZxJnWEkeNG9MreSu+RDTTW7CdzA81XCXeljB7w/hl/fBy7cZFs4gbpZbSfZzVqosG73CWd2Zcs0FPl5wO4DSYP37VgPH+qXACYE0Lhdeo7U74IPWojrpPqzZbJuVbmj2gH0ENr3jA7TuLl4FpUxqaXbEV/0KU642ixGuSwzg6+DQEG7idqqXyRWG+lokDS1pgfl3J53+UQN5fgAKGoJ66+uURzA59KBuL4iUynEbZsvTpvnyahjIdXg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v5 5/7] qemu: open iommufd FD from libvirt backend Date: Fri, 16 Jan 2026 17:39:35 -0800 Message-ID: <20260117013937.3803457-6-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260117013937.3803457-1-nathanc@nvidia.com> References: <20260117013937.3803457-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR13CA0170.namprd13.prod.outlook.com (2603:10b6:a03:2c7::25) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|LV2PR12MB999097:EE_ X-MS-Office365-Filtering-Correlation-Id: e08214ea-b0c5-44c8-a83e-08de55694b31 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?utf-8?B?ZXYvZFJiMittYmtWV0tRR1RhWFRESDRtQTRZYjQvT1JIMEFrTjBudVBsZ1Vm?= =?utf-8?B?TU14UFpsSlFuaTNWZXFDUVh3Wk1OQUF6SXBjcXBPUjdjaCsySVQvQU9kWFF4?= =?utf-8?B?VHBsQkx5QkxweEh2TjJ5a2swVGlIcHk4bkc4UDMvWnYrN3NnUmZ4anRiNFNX?= =?utf-8?B?NGFrdWV2ZlZpZGxubWJ4SUFzSEExUTRDVUdTcjdIUStONExna0x1MWJCZ05X?= =?utf-8?B?TlNTVHhva2t3b3hrUVVvbXdaRVZnUXhvMERKbkpKWEFqbUJtWU5ET1pHdEtZ?= =?utf-8?B?endMM2VVYUdLcS9RTjZuajA3VjJTaFdCb0M1REdGSTVuaG1wVVVkbjlKT3N3?= =?utf-8?B?VVAwdGhWQmNFZW9Kd2NBUHN6aXRpSzZtZnhIdTVtWTZQOHdaTlMxRDh1OVRT?= =?utf-8?B?RnZCU3NaTkJUL3ROZmZXUzVWVlpoWWROSW1hRUlMVVA5WGhQUTFlY1JHc21j?= =?utf-8?B?bDg1dmZTR0JiT0tPM0t0MU9iaCtyNDYwVGlaRGU3ZWNTL2JNUXVvSHVQV0pG?= =?utf-8?B?Z0hKVzY2NkZZSHJvNXNZemw4RlUrbnNiaXpXdG1qUVlteWlXWkM1NWpTbSt0?= =?utf-8?B?STdxRStGMWlZemtSbXpsQXRPR0w4RS9HQ1hmckNYUUhaQ2d3ZXdRNXd0ejla?= =?utf-8?B?SE14QUsxUHNsVjdJa0kyRllOS1QyRVFmdk13OWFwL1Zsd1o5RDkwUXAwYU0x?= =?utf-8?B?RkpYaDEvWDVQWVdycjFJNUpFa3F6N1diL2hndW03aXF0M2FxR3V5OVg1VFJ3?= =?utf-8?B?VUtzQ0hHMmEva3NtUkEyUGJyWndGSXltejgrTUNFWFUxRWM2bVpZbnpEa2RL?= =?utf-8?B?eTcvREZwYUkrU1NFay8reDFOejFxRk04REROL0Fvdm9jeHhYTTRGQmRlUjNm?= =?utf-8?B?R2JkN1VtRndsSU5sYU8xRzJFNG1Jdlkxc2wxbytNc2RhaUJRb2pvUGF2YWEx?= =?utf-8?B?dmhEZlZaaTkyTHZVdU5PdHNqaFpuWVVOWTFZbWtZQWxXM2dLdE43aU50azVj?= =?utf-8?B?RlREV1BiaXpzVjVrYnJXSGNQZGZWMGR2cVVodHpvVm8vSnl1WjA1S2pFQjdD?= =?utf-8?B?WkZpVkZ3MXBIRnhWemV2d1VPaU1BY0QrWXRiMThpeGwwa3B2MCt3a2hKV1hS?= =?utf-8?B?Y0JKdmIrVjZIN093RkdEWTkrN1BnVHZNdmVLaTNCcm5oY1pFSGE2czI1Z2pl?= =?utf-8?B?OEZtcndBZmNuYmpxa2UyYjJPamliU0lQekJpSUZSeTNUVmxWWU82cTBTZTda?= =?utf-8?B?elNDZVphak9Sei9WK0pXTzVWSkdnV00xVUdJZzlnZjdSZndrVytOODZkeWp0?= =?utf-8?B?VVFyNXNGTExyUU1oOXA3aE1xa2lWRVRaR25DVnZHV09VUGgwOGU3aUR6T25x?= =?utf-8?B?S3J2amFGdWFRb3JtZW9mK2xTeldlZlBSNEhZempBdnNYbkdqTlB0YUh4aGNm?= =?utf-8?B?MUgvK2s1dVZOT2JLb3hhSDZFZDJpbS9pM3FjUFViY1MzRldJellRR0ZsNEk3?= =?utf-8?B?dzNiY3dKU3ZsZnRsMkJtV1JhYlUzM1ZQeEF2eG4ySGxQajhDVncyZVhIQWxM?= =?utf-8?B?L2xjZEpFWVJRWEtueFlwaFNXZ0tza3lvdnA0a2Q1TjRlSkhqUWU3NkRjV2tX?= =?utf-8?B?d2JHVzVDaXAzUWhIeXcvT2NkbWRpR1JrWlRXK1FWU1hBSnBuVkhLWHpUUmlJ?= =?utf-8?B?MUVrSitHNG5TTC9aRURQMEFmSXNoQ2t6Tk5wNGdFaHZibEdDZEdZV3JwQmRB?= =?utf-8?B?UEFPQjFrbTN2T1g3Sy9VcEJDSDBqYXNpQzZDMkpqZkNrSnBuaGZYV2hGTGdG?= =?utf-8?B?OWZRSWRWOHhnV2c2NEc5NHg4NHJKdWxyNXZFSW5FY2RpenhsOVA1TlJ1aFlF?= =?utf-8?B?QnowS2NoRVNwbDd0cUt0MUtMTXZ1N1NqZHgxNUMxNlFYb1l5V2V2cml5c1dJ?= =?utf-8?B?cktpK3JyOS84emhZYlVKa1VpeW9IRE5Sd3VTc3BoeWdoS2s4OXVNUWQxUGJo?= =?utf-8?B?NnduZ0xheENNekFKOHFFY0xzS3hOc21KSTJIMzFkek9tbTEzeXljSWx6WlVX?= =?utf-8?B?clFOV0loTmYvdi95bUdCSUFJTWFkajNBWTZhU2k2S1RQTWhWM2ZjSDFBNWw5?= =?utf-8?Q?mH9o=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?bWdGMHJWbE01VHBLMzcyUEY1OEVnUFI3QUFYYzV5SXlRdGROanU4RXVOcE5q?= =?utf-8?B?QVRyNGlEVnRlZDNqU1ZSMFQ5NkpSL0JvcmJtSFJtVmJ1SkFMTnJiSWd2Ukkw?= =?utf-8?B?OS8yYnQ3b1lJN3d2U1RYOHpKSUhraXIvbmoyVzBKd2srQXFTdzRqRWQ0MFZy?= =?utf-8?B?MnNBc09UUVd1VUdDUVpmSXJFRGl4ZmYzeG9SZGZmazdHZmxIZmxNZTVjclVz?= =?utf-8?B?MitqVk1DRmJ4Ykt4QlRlclE3a1Q5T2w5ZWtCWlZWU2R5NjRvZ3RJOHFTdHFF?= =?utf-8?B?TGVkVnBKelp1MXF3czRiYUxIaE5IcStXTHliQUprOU9ETWVhNnROZ3NiZ3hC?= =?utf-8?B?TXR2ZFh3eVh6cUpjUi9pb0srVWozNEFnOXNOUjJNRnNuM09BK0NYa0YwZVJO?= =?utf-8?B?Z2NkTWx0UytFS2VOeWhoMTFqZEZRWU00OUxqOVlsZFZxa3F1eFRVY3djWkQ2?= =?utf-8?B?U1lsK0EwY3ppRmxEZDNrdEhUUzJXUEtjbWozQlFOWTNlQXEzaG1rYnZUOFJS?= =?utf-8?B?d2w0ZzhWZWlqUGpjK1hDdUxCaTdKZkM0TW5Pc0tCditielFuVFpxSFZBbFk5?= =?utf-8?B?ZHlxMXZzR3NaaC91S1I1ejNja2lsMlpDQnI2dlYrd2FrQWwxQjRQMmdxbWs1?= =?utf-8?B?eGFJcjhhSlpMblA5UG4rZFU0TmYwMlBqQWRsaHc3L3ZKTlprZFBNa013bnNI?= =?utf-8?B?RDlyY2E1MXVxVW40RHZrWHFQZTJWSFYvaS8yVVF6V2piT1VoV3Y2MXh6bTRU?= =?utf-8?B?NC85TUR3V0RRYmJ0Ym5MaEZJeGYxcU1uMGlFR2JtNlhLWXVNNUt0YTVrYUlI?= =?utf-8?B?eDNRRkg1c3NFd3hUU0dJMnJvc2N1b0ZKMGcySWovN0hlU1o4Ujd4bHROUGR1?= =?utf-8?B?Y3o1a3ZZRlg1UmRXMG1EeVNlN3FqMmFlWG1BRFB5am02cWZFZktYNWNTb2ox?= =?utf-8?B?L25FSXc1bDdWazdBd3JjVzVHamdPajVuQU02V3lBTER4eElQMVFnN2VZV1Ja?= =?utf-8?B?Z0pNS1BXU21xQnBRZHJYMU1wNk1uVDlOS1dCWHZFeWkxVCtZVkRtVGFlOFNo?= =?utf-8?B?dW1NalZiRDVDbGFhVWI1NGpIU3VHRTNwcmdwUkU0NktOaFh4R21Nb3F3NWQr?= =?utf-8?B?MjJRMmRqamV6ckZIZE9XZ201OUVsSGZGZ1hJdkJzUHhqOUxLQUZlbkR1WTdk?= =?utf-8?B?MjlYRzZQR0lER0RSSlBlVHdNTjZudFhYMThxTHlacXRuVG4xNVlKT2x0ZElx?= =?utf-8?B?aG1ySnkyMCtxeWpaL2JjNUNYOHBWbi9XR2Z4K2grbVJSN2pCVmh4clpHczJ5?= =?utf-8?B?THVkT0JKRzVtNFBXaVlYdHJQaGZHYU1PSGd2eWRrSThDcGZlNndkUUgwWGhz?= =?utf-8?B?L0REcUphc3hLY2RwdE5xdnVEeVVnS0k5L3lmWlEzR0VHV1NrY05Ya3pEM0hK?= =?utf-8?B?UWhmN1lNTDZlZDdBNVMyMGJwZUw1NHJQcWhGV0dXZjRGZ0NxVjJIVVFnSW1P?= =?utf-8?B?OFhQcXA2dHV5UFovSlZHVlJUTkNkbkpmQ2xjd3VFR3p0Y0ZSM284Mjhzbzgr?= =?utf-8?B?Zm9wKytoZ3F0ZitJQStyR0MxK29wd1NoVjBuYnVUeFMzVXpBQW84OUxXTVVI?= =?utf-8?B?NXA1emU1SGdGU3VqWE0vdnc0OG5JU08xV3YxU3BBazdYN1M2R01TUG4xaDhn?= =?utf-8?B?TGZYYkFEUXlaQjE5Nk1LSGpTUkRxejVqN3Q4aUh1NS9KeFdWYXVrTlBmV2RT?= =?utf-8?B?ZlJURThLU2VnMU5MOHp0bXlTZmN2UkhoZVhCamhzM0lXNTI4d3JDUnVzbmJB?= =?utf-8?B?b0RzRnRQeStDbDc0UmRvNHhldTl4RFlQdUErRGpodm03K3NJR1BLRGZkK3lR?= =?utf-8?B?WElpS3BtbDJUVFNGOVZXeVdaeTlUNWNwKy9uOFlKeElOdTdFa3BxYTZkcTlN?= =?utf-8?B?bzMzUmJ5QUtrZkhxc1NQNXlBZXhtb3Y2QTJDMVFBRDFiR1M4OHRzVndvQXVN?= =?utf-8?B?eTRHTldFK3NpdWdzV2tUdlIyb0wvaUZjRE5YaHMxL3l5dzVFMDEwaUlSYXFY?= =?utf-8?B?Vk1hU1gyY3dDTFlHUWhoZGpJcklESjArZjJ5dEFYR3htUlZwUXdGVUluWE9U?= =?utf-8?B?b20vOVZIc3J2eUpxMkgwRFRiUDVSdkRyMXRYMFdSTzVEb1dpNnV5QjFMS0xn?= =?utf-8?B?UHM1TlNuYTdwZmE0Q0hISG11Um8yMDVjZytpa0lYU1FTdnBVZ2ovZUtEWEQv?= =?utf-8?B?WWN3OWRVa1RRbG51cmQwVk9xL2kwK0lYR0FGRUxjS0JaM3VqcE1DSFJaTVlU?= =?utf-8?B?eHY2MWtmWDN6K29QN2JoTmQ0aGx6QnhIS2pVK3FvM2lWNlB3eWpOUT09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: e08214ea-b0c5-44c8-a83e-08de55694b31 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2026 01:39:45.6075 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: h4DnDEgMIwqXUMc+6SlFLFf/lErGJG+eXL5gYZwL6wSG0CRbFOhtlqJgFVFfdILF0KRlNe2Sr88MDB3hJWTFFw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB999097 Message-ID-Hash: 7HEFZK7Q5TDTPJ6NEIHX2MDCERU4UZJI X-Message-ID-Hash: 7HEFZK7Q5TDTPJ6NEIHX2MDCERU4UZJI X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1768614365667158500 From: Nathan Chen Open iommufd FD from libvirt backend without exposing these FDs to XML users, i.e. one per domain for /dev/iommu, and pass the FD to qemu command line. Set per-process memory accounting for iommufd instead of the default per-user memory accounting. Suggested-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen --- src/qemu/qemu_command.c | 13 +++++++++++-- src/qemu/qemu_domain.c | 1 + src/qemu/qemu_domain.h | 2 ++ src/qemu/qemu_process.c | 43 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 57 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 406f14831c..85c368f0f9 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5349,9 +5349,13 @@ qemuBuildHostdevCommandLine(virCommand *cmd, =20 static int qemuBuildIOMMUFDCommandLine(virCommand *cmd, - const virDomainDef *def) + const virDomainDef *def, + virDomainObj *vm) { size_t i; + qemuDomainObjPrivate *priv =3D vm->privateData; + g_autofree char *fdstr =3D g_strdup_printf("%d", priv->iommufd); + =20 for (i =3D 0; i < def->nhostdevs; i++) { virDomainHostdevDef *hostdev =3D def->hostdevs[i]; @@ -5370,8 +5374,13 @@ qemuBuildIOMMUFDCommandLine(virCommand *cmd, if (subsys->u.pci.driver.iommufd !=3D VIR_TRISTATE_BOOL_YES) continue; =20 + virCommandPassFD(cmd, priv->iommufd, VIR_COMMAND_PASS_FD_CLOSE_PAR= ENT); + + priv->iommufd =3D -1; + if (qemuMonitorCreateObjectProps(&props, "iommufd", "iommufd0", + "S:fd", fdstr, NULL) < 0) return -1; =20 @@ -10997,7 +11006,7 @@ qemuBuildCommandLine(virDomainObj *vm, if (qemuBuildRedirdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 - if (qemuBuildIOMMUFDCommandLine(cmd, def) < 0) + if (qemuBuildIOMMUFDCommandLine(cmd, def, vm) < 0) return NULL; =20 if (qemuBuildHostdevCommandLine(cmd, def, qemuCaps) < 0) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 85eea1801f..c5e1cd5279 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -2042,6 +2042,7 @@ qemuDomainObjPrivateAlloc(void *opaque) priv->blockjobs =3D virHashNew(virObjectUnref); priv->fds =3D virHashNew(g_object_unref); =20 + priv->iommufd =3D -1; priv->pidMonitored =3D -1; =20 /* agent commands block by default, user can choose different behavior= */ diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 3aac743875..fabfe265bf 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -264,6 +264,8 @@ struct _qemuDomainObjPrivate { /* named file descriptor groups associated with the VM */ GHashTable *fds; =20 + int iommufd; + char *memoryBackingDir; }; =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 2841856454..c5b2a5fda8 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -104,6 +104,7 @@ #include "backup_conf.h" #include "storage_file_probe.h" #include "virpci.h" +#include "viriommufd.h" =20 #include "logging/log_manager.h" #include "logging/log_protocol.h" @@ -7671,6 +7672,42 @@ qemuProcessPrepareHostBackendChardevHotplug(virDomai= nObj *vm, return 0; } =20 +/** + * qemuProcessOpenIommuFd: + * @vm: domain object + * @iommuFd: returned file descriptor + * + * Opens /dev/iommu file descriptor for the VM. + * + * Returns: FD on success, -1 on failure + */ +static int +qemuProcessOpenIommuFd(virDomainObj *vm) +{ + int fd =3D -1; + + VIR_DEBUG("Opening IOMMU FD for domain %s", vm->def->name); + + if ((fd =3D open(VIR_IOMMU_DEV_PATH, O_RDWR | O_CLOEXEC)) < 0) { + if (errno =3D=3D ENOENT) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("IOMMU FD support requires /dev/iommu device"= )); + } else { + virReportSystemError(errno, "%s", + _("cannot open /dev/iommu")); + } + return -1; + } + + if (virIOMMUFDSetRLimitMode(fd, true) < 0) { + VIR_FORCE_CLOSE(fd); + return -1; + } + + VIR_DEBUG("Opened IOMMU FD %d for domain %s", fd, vm->def->name); + return fd; +} + /** * qemuProcessOpenVfioDeviceFd: * @hostdev: host device definition @@ -7725,6 +7762,7 @@ qemuProcessOpenVfioDeviceFd(virDomainHostdevDef *host= dev) static int qemuProcessOpenVfioFds(virDomainObj *vm) { + qemuDomainObjPrivate *priv =3D vm->privateData; size_t i; =20 /* Check if we have any hostdevs that need VFIO FDs */ @@ -7740,6 +7778,11 @@ qemuProcessOpenVfioFds(virDomainObj *vm) hostdevPriv->vfioDeviceFd =3D qemuProcessOpenVfioDeviceFd(host= dev); if (hostdevPriv->vfioDeviceFd =3D=3D -1) return -1; + + /* Open IOMMU FD */ + priv->iommufd =3D qemuProcessOpenIommuFd(vm); + if (priv->iommufd =3D=3D -1) + return -1; } } =20 --=20 2.43.0 From nobody Mon Feb 2 05:56:45 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1768614422046118.435899053929; Fri, 16 Jan 2026 17:47:02 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 33D3141C9A; Fri, 16 Jan 2026 20:47:01 -0500 (EST) Received: from [172.19.199.3] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 831954404E; Fri, 16 Jan 2026 20:40:06 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 439C743E69; Fri, 16 Jan 2026 20:39:55 -0500 (EST) Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11010004.outbound.protection.outlook.com [52.101.193.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 75E0C41B81 for ; Fri, 16 Jan 2026 20:39:49 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by LV2PR12MB999097.namprd12.prod.outlook.com (2603:10b6:408:353::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.6; Sat, 17 Jan 2026 01:39:47 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9520.005; Sat, 17 Jan 2026 01:39:47 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=zEEAjextGWUXDBxpgsJLlB6Sb5G1zpnyYcE4GyqCGQ8r71B3/5t92H3I2VBAoEDENLchyn6SzOyZRitGf3S6urQ4XwoqwZMxHP5IXMFXm58+FLjgEBgSG/1/U4xnwrCSgZUMEQhJTIEdj305zqZ59LRZpvdS745U9zS5NkfDzu+FTc868D1opi3ExqWbCqZBoGrwecRReEDBlCvSt1sBPSeOLydWBtB35eJ/gA/awzxcSdRro4/1uuttOwpCrQwKSGy7OJ43UdnvCU61V8GH0hUNYHFciWTsL37OE5SWstNtxrHA7rxpUTiNRoJJ9mjf2yR7NLc8QpjFjJV5wqu4uA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KldDjpMVf57tYMiWw2YRyh6Sh9VTjITtBiBx0Sb3hZQ=; b=UwfWiKbSTB+rIKHK/NWJibvZFAs/fSJ8qkWGTWcICZ8jkana/G9CiG/3TbcRZkk01T6iLajPmov8yK6i/pQkcEA98G5eOI8KxFxu3WhjhAxJLoaR12wMmwD0vaMHiXNe7sPHBxGSIuCQT0c8gLkPb22xkuDJhxunfA7nZbZNC0yz8MRNLrNfnOGOtRo/AxuKoXnUvJfsPcw2fuYQhNMudjtu+vfU1yiGyZ8yq6kc7FaKQbqYwNY1Ym6xh4wFMeNO3DK5wZV6qJpJnGsyrRcKTw/4wlv3TyL//poN6hsQoNSUup4kFNT3CZhLOBRpB9Q3c0IUGsCFw1bWg00iALUb7A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KldDjpMVf57tYMiWw2YRyh6Sh9VTjITtBiBx0Sb3hZQ=; b=HRhWBp4H7/cs+iCeRrMF9X2ngrefIkEPNxvbKC/pB6GCHopTPC0XoemYDSNxB0y6oDbR3eQnkv6PZV0XwHMxASIRlUEUMyo266oolWOaJSOo6FL0hSOdZrSJ9eyBvAX7Y1mGYqSaxkhB22G0ufD0dORkp8tDFac+711kWo4n7J6TWWNGXQtnHwpSHAQj8jusT6My2vo+2Oe2jbEKyrsC4Ko1c1YEFQceuJxU+ebanjl4zkTYh83MaEgo3LZ8Urf8RVZ/UpK9Qtr3B6+EgzSl0f/sVZsVrDpxdrfFAB6V1zgha8GbIM+IgDO0uZ8TN8wbBQlo4HKImNn/v5cLEEgMTQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v5 6/7] qemu: Update Cgroup, namespace, and seclabel for iommufd Date: Fri, 16 Jan 2026 17:39:36 -0800 Message-ID: <20260117013937.3803457-7-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260117013937.3803457-1-nathanc@nvidia.com> References: <20260117013937.3803457-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR03CA0066.namprd03.prod.outlook.com (2603:10b6:a03:331::11) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|LV2PR12MB999097:EE_ X-MS-Office365-Filtering-Correlation-Id: 915df2f5-e090-47f4-a8e9-08de55694c07 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?voOOjWTImgk0lWFVbVhwBz7M09OQphs8S5hzXCioRSlZH/8zN5h51DxxSlID?= =?us-ascii?Q?yW8ervqS56a7vDQusVJn5za3UtI/816X7eZs2vWeIPxfVk/QkWov03QIGmYW?= =?us-ascii?Q?f9THWzx1zN+JiQ/I8TDHekvP2AvN6Y1AnKBrnYRrmPomfSoThfQLonpSb2Bp?= =?us-ascii?Q?t8bvj3JygZ5JwXS+NCrdPcEYo9gvrK8ytGuNA6BOcqT06sfCDnleE924EBXC?= =?us-ascii?Q?WXkuJv6fqE9vGEHpXYbkDseGvNCjB2sRxbymghx4yHPOEOEXR8fwFkeWAz40?= =?us-ascii?Q?toIK76V0vOHAnN7sqrsFk08Roz055DCN4FWBK02un8F/kIv7AAZjb/FH09N8?= =?us-ascii?Q?OlJ4gwjoZh72vNkME5tMqSRQ9ZKU/+YFrmbK9euQFNJiW2ZMmDU+3hxqJdVo?= =?us-ascii?Q?RqRxiLAsyJMQmNnnhvZqkl75MPmCaJgqk6oiaOZv/1S8SaiI0LtcRnkgYzqN?= =?us-ascii?Q?R3pvoSdnoMV6pqrx6mcjIcQhzCAj7BoXyJK4Ho892p0Drn2B3S2ml+she7IF?= =?us-ascii?Q?d4143OI6aMCIBvESSLzKROR403s45aiJBgUbfql/oT4xn7MlIiSd3pU64iql?= =?us-ascii?Q?3uIAf+/eB0nZGsLVHSgZUqJALT423lMYPTHhnIuNI4KioKSU6HMjRcr9N3XJ?= =?us-ascii?Q?zHkLmscdhZ7+X0T6dmbiSnpGwFcLKGgM2OacxqUYivENpJCbBGHmwuNpEO68?= =?us-ascii?Q?+9iIFkjTzstZbvdOAMOuEFIjoQqKjVa+EXPFTCRb64+U209qY+WvLhikKwcf?= =?us-ascii?Q?H3yNUrt3RUuxZQVutoj4QSpscirZ3+7+btSmcogbFhyWGW6ZDX3s6/02GUCK?= =?us-ascii?Q?D+6yiW1rD1QUSVt9EGTFes4tHKqQ3fdnBKGt9cSJRoQ9viZ4xUu6JW6fZwLF?= =?us-ascii?Q?h40F/u9nphmlTku0Djs6dsx+jxuWhmA93PGXd74SnV9gKJiMJZO+GL//v8UX?= =?us-ascii?Q?YqWiNqpVgKTaI5K9E9CXjC9gjn/1lJGEgy+OAFrpz+5ViMH5Hj9Owktax5ka?= =?us-ascii?Q?ZPdt1e/9etXmpSZcSpPY/ZXaMbm1w87HP9AAJmU0WPUM4ytTIWJR2lYy9qWd?= =?us-ascii?Q?gi5AqUoKlHiOg9NWA6Y54IeOkC5S1xy68Vbv4qEMIpq6RGDO6D9XaIsy6LVG?= =?us-ascii?Q?qzggGoM08gtOndYmyfYkRc/tttAqkrbaXcSjbUhLQioPbvQXLtpyaLHnMaOs?= =?us-ascii?Q?Y/cuB7KnjHlIUUUjUTaC3ytvu8BvTWTqfk14dccrfjtfGNlfyNDyWAGrLhH3?= =?us-ascii?Q?u1tqHtza/K6JxaRnH141Wb5TSfqCNv4kwMTIb8mZfrpByW+hNvmwksHR0CAl?= =?us-ascii?Q?bRM0XFEei8DZaTmfaewzJgtyrwx3lStRndY2cSYVkXTUMX3Pcr76mqHzlElF?= =?us-ascii?Q?Bl+nM1DyUDvqcSy3X0hi9y0cLa9rHntSCg81VRN4ExG5iMVy+0u6YdUvaqDT?= =?us-ascii?Q?FNemmFRrSbxwBZLv0pnc6w/SdmsS4lUPi54ddoG/ZlM44bRl/ub3y8X/pn+P?= =?us-ascii?Q?EwfTknO8+cZ6rWVQxroghOgYJkAlZfClpvjNB0WdrSGEQ4aXQeLuf+ESpR5V?= =?us-ascii?Q?gZNXlwJe1XwLGSlpmQM=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?pC+wwwmOWG5XlrpFoW1X9Fysr8sM2NljNiiASP8WQq2gFo7M67gmj5tjyLCj?= =?us-ascii?Q?jniMikwpVJPeZIUu1eedQfG2qkiNq66vuiROX9Z3gZ65U5Cr1OAdcqe4IGoB?= =?us-ascii?Q?ku5ty0JdLIbIUrXhHwpp0cJh6KDhyP0EnsrgAZ2yxvKWkNMgg7/O3pZs4vjO?= =?us-ascii?Q?dkhV7f9bMf6IukfmHABUsrC4rz57rYLP9SgDfD18z/tNIgR+Ky5NEQIV5H79?= =?us-ascii?Q?zHA4aFo25sn+xnH+f9+pKTmNVQY01GbP+VrtRy7WgrWoB7eIDm83eqqWG/lV?= =?us-ascii?Q?GnAsZfiNs8bnzfNd74X8f5UhSohJzH4fVatO3Igy99KefgUXiXJbVClGCAm3?= =?us-ascii?Q?MMZbo1C8raJKB42yvDu1VPk2Gj7edRGS9Vc6Ei/eWkf3XZnpl1iueajPDZTO?= =?us-ascii?Q?ztlW67Q3jl/Nh5BAWN4n1NQIOwX7Pws4PbTua3QYnWwRneWn9Nwe+obhG5v8?= =?us-ascii?Q?p+bz2LY9amCkSToFL0ilGmXTkXIZRDNcA09YrkXow0exWIx7WWco1RPDO8fO?= =?us-ascii?Q?x4gC3JcSuG7ydC8KUC6QE9fpbB+xeTsMYVDsDbsLH1YNa8IRENaZYtSSnyH3?= =?us-ascii?Q?ybHkL0V8JchXm/KHe/RhCeeJfM72h94j3+K1QddyjgD/jxHr38xYr7s4cTXd?= =?us-ascii?Q?S70+pJDA3wkHcDdMC8gRar9UFhWRvJf+khsnHrIH7FTzRBcUrI03bQUFa5Xp?= =?us-ascii?Q?LTi3lKtIRtxb+nG6OhaI2N5L1KZ2qATVbxwQ9CbCnSQwDVBop8GxYScL8XES?= =?us-ascii?Q?HT37L89jtBBXctbGsat/qhU7u+frNE0syNBYvzuiQU/MbB1D8V5e9T0ooJMa?= =?us-ascii?Q?SvQ6mpGJ+M1wVVeArd/EbRB5UX0txiPnQfqtvEDSUJdNEE9pI0o2yLSkZP2R?= =?us-ascii?Q?WqkKaPH6VgvkwgZJYT2HQ+4TwKb/scuFqDTrUdf76CrE9F+R/48VNtjlT2UI?= =?us-ascii?Q?21nofalbO+azAX8YK2Uydohk/hBK3vF5SFCP9nXCfD4Ox5+QOBIjI594EfZv?= =?us-ascii?Q?QC+cu+iluMnm0ujBi6p3hOCeXYtjs3naahwYJeJlAudu5UbMhQqCM6MZrjm9?= =?us-ascii?Q?8BhZqfz1ArhqWiRqfGtgeYE5r7We6yZHGa97zY5zT4sDOziFuMYnSwn6LvNH?= =?us-ascii?Q?jUqrIfdy/OU1+y4sxsqzfMfbqrvrZDzZu1QzaT4/T/yJOm+zdCELW6x1cE+o?= =?us-ascii?Q?63APra74wCnhTdcE33Gjn7IALp6KYII/dbeeK9+h1cYM2CU4FZTIF0xNkRNE?= =?us-ascii?Q?Y7G1PDXEzcv/IOpCQU72C8E6kVwTy+PH24+e+d1C8/R4jpCbLG36wcJdD8do?= =?us-ascii?Q?kYJmd3I5G0bOwe14duG6FuIibqXzttjkgIVdsNzOoZNJuN09XRyP7tKfwxN+?= =?us-ascii?Q?azI7qAPSB5xP9UkFvTs9/ox2pLw3wVXxnfl8a9SOy6kZlUVkoEEK/wAfZTTJ?= =?us-ascii?Q?5j4mHG50g893Nmq1afN12fGo0FGV1k9TZ6imwerNOnp2jabP+Xa/4dEMd1w2?= =?us-ascii?Q?G3AqlN21EhambbNPXgkfDEA7aF6nlrdeMzX5hS5hKoS6L/E9QvzCtbUC6gK0?= =?us-ascii?Q?RkL8VoBbpMT722auL6Im7YSrhSySGEZ4BNWH7/UxsEG+ZJVhnIsym4aZVWrS?= =?us-ascii?Q?od08hRjlGnl0jEhZFX9PPHZlfLf55GhhfHWNHSdO9U09509EmpyKPVUnQH+l?= =?us-ascii?Q?Ea6OnutigdzOZ48WPLgVK/yoEg7issaJ33NUeMQmJy4i8jAv40ueI4b5ZdiW?= =?us-ascii?Q?hGoSBp6E2Q=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 915df2f5-e090-47f4-a8e9-08de55694c07 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2026 01:39:47.0895 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: FFlMHeDiq3ud+m4fi0pwpkE87RUPkg7Hcgv/FIt3YH07uL18w8GhJq7OgBXeTjsgdD94SwqfnHNs4aixIU+CbQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB999097 Message-ID-Hash: IWH6RVDWBK3PCTDHMMUGV7HIMKOBLZMU X-Message-ID-Hash: IWH6RVDWBK3PCTDHMMUGV7HIMKOBLZMU X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1768614423786158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen When launching a qemu VM with the iommufd feature enabled for VFIO hostdevs: - Do not allow cgroup, namespace, and seclabel access to VFIO paths (/dev/vfio/vfio and /dev/vfio/) - Allow access to iommufd paths (/dev/iommu and /dev/vfio/devices/vfio*) for AppArmor, SELinux, and DAC Signed-off-by: Nathan Chen --- src/qemu/qemu_cgroup.c | 3 ++ src/qemu/qemu_namespace.c | 3 ++ src/security/security_apparmor.c | 31 ++++++++++++++------ src/security/security_dac.c | 49 +++++++++++++++++++++++++------- src/security/security_selinux.c | 47 +++++++++++++++++++++++------- src/security/virt-aa-helper.c | 33 ++++++++++++++++----- 6 files changed, 130 insertions(+), 36 deletions(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 7dadef0739..6148990f19 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -479,6 +479,9 @@ qemuSetupHostdevCgroup(virDomainObj *vm, g_autofree char *path =3D NULL; int perms; =20 + if (dev->source.subsys.u.pci.driver.iommufd =3D=3D VIR_TRISTATE_BOOL_Y= ES) + return 0; + if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE= S)) return 0; =20 diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index c689cc3e40..fb0734193d 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -345,6 +345,9 @@ qemuDomainSetupHostdev(virDomainObj *vm, { g_autofree char *path =3D NULL; =20 + if (hostdev->source.subsys.u.pci.driver.iommufd =3D=3D VIR_TRISTATE_BO= OL_YES) + return 0; + if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) return -1; =20 diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index 68ac39611f..e7987b54b4 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -45,6 +45,7 @@ #include "virstring.h" #include "virscsi.h" #include "virmdev.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -841,25 +842,37 @@ AppArmorSetSecurityHostdevLabel(virSecurityManager *m= gr, } =20 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI: { - virPCIDevice *pci =3D + g_autoptr(virPCIDevice) pci =3D virPCIDeviceNew(&pcisrc->addr); =20 if (!pci) goto done; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev(pci); - - if (!vfioGroupDev) { - virPCIDeviceFree(pci); - goto done; + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev(pci); + + if (!vfioGroupDev) { + virPCIDeviceFree(pci); + goto done; + } + ret =3D AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr= ); + VIR_FREE(vfioGroupDev); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + goto done; + + ret =3D AppArmorSetSecurityPCILabel(pci, vfiofdDev, ptr); + if (ret < 0) + goto done; + + ret =3D AppArmorSetSecurityPCILabel(pci, VIR_IOMMU_DEV_PAT= H, ptr); } - ret =3D AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr); - VIR_FREE(vfioGroupDev); } else { ret =3D virPCIDeviceFileIterate(pci, AppArmorSetSecurityPCILab= el, ptr); } - virPCIDeviceFree(pci); break; } =20 diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 2f788b872a..d0ed22db2d 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -41,6 +41,7 @@ #include "virscsivhost.h" #include "virstring.h" #include "virutil.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -1282,14 +1283,27 @@ virSecurityDACSetHostdevLabel(virSecurityManager *m= gr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecurityDACSetHostdevLabelHelper(vfioGroupDev, + false, + &cbdata); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecurityDACSetHostdevLabelHelper(vfioGroupDev, - false, - &cbdata); + ret =3D virSecurityDACSetHostdevLabelHelper(vfiofdDev, fal= se, &cbdata); + if (ret < 0) + break; + + ret =3D virSecurityDACSetHostdevLabelHelper(VIR_IOMMU_DEV_= PATH, false, &cbdata); + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecurityDACSetPCILabel, @@ -1443,13 +1457,28 @@ virSecurityDACRestoreHostdevLabel(virSecurityManage= r *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; =20 - ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, vfioGroupDev, fal= se); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; + + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + vfiofdDev, fa= lse); + if (ret < 0) + break; + + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + VIR_IOMMU_DEV= _PATH, false); + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecurityDACRestorePCIL= abel, mgr); } diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 2f3cc274a5..834383a7de 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -41,6 +41,7 @@ #include "virconf.h" #include "virtpm.h" #include "virstring.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -2256,14 +2257,27 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurity= Manager *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfioGroupD= ev, + false, + &data); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfioGroupDev, - false, - &data); + ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfiofdDev,= false, &data); + if (ret) + break; + + ret =3D virSecuritySELinuxSetHostdevLabelHelper(VIR_IOMMU_= DEV_PATH, false, &data); + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecuritySELinuxSetPCIL= abel, &data); } @@ -2491,12 +2505,25 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecu= rityManager *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfioGroupD= ev, false, false); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfioGroupDev, = false, false); + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfiofdDev,= false, false); + if (ret < 0) + break; + + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, VIR_IOMMU_= DEV_PATH, false, false); + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecuritySELinuxRestore= PCILabel, mgr); } diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index e365d02af4..82dfb3d3af 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -50,6 +50,7 @@ #include "virstring.h" #include "virgettext.h" #include "virhostdev.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -1114,8 +1115,9 @@ get_files(vahControl * ctl) =20 virDeviceHostdevPCIDriverName driverName =3D dev->source.subsy= s.u.pci.driver.name; =20 - if (driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO = || - driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_DEFAU= LT) { + if ((driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO= || + driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_DEFAU= LT) && + dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { needsVfio =3D true; } =20 @@ -1348,6 +1350,7 @@ get_files(vahControl * ctl) virBufferAddLit(&buf, " \"/dev/vfio/vfio\" rw,\n"); virBufferAddLit(&buf, " \"/dev/vfio/[0-9]*\" rw,\n"); } + if (needsgl) { /* if using gl all sorts of further dri related paths will be need= ed */ virBufferAddLit(&buf, " # DRI/Mesa/(e)GL config and driver paths\= n"); @@ -1385,9 +1388,18 @@ get_files(vahControl * ctl) } } =20 - if (ctl->newfile && - vah_add_file(&buf, ctl->newfile, "rwk") !=3D 0) { - return -1; + if (ctl->newfile) { + const char *perms =3D "rwk"; + + /* VFIO and iommufd devices need mmap permission */ + if (STRPREFIX(ctl->newfile, "/dev/vfio/devices/vfio") || + STREQ(ctl->newfile, VIR_IOMMU_DEV_PATH)) { + perms =3D "rwm"; + } + + if (vah_add_file(&buf, ctl->newfile, perms) !=3D 0) { + return -1; + } } =20 ctl->files =3D virBufferContentAndReset(&buf); @@ -1561,8 +1573,15 @@ main(int argc, char **argv) } } if (ctl->append && ctl->newfile) { - if (vah_add_file(&buf, ctl->newfile, "rwk") !=3D 0) - goto cleanup; + const char *perms =3D "rwk"; + + if (STRPREFIX(ctl->newfile, "/dev/vfio/devices/vfio") || + STREQ(ctl->newfile, VIR_IOMMU_DEV_PATH)) { + perms =3D "rwm"; + } + + if (vah_add_file(&buf, ctl->newfile, perms) !=3D 0) + return -1; } else { if (ctl->def->virtType =3D=3D VIR_DOMAIN_VIRT_QEMU || ctl->def->virtType =3D=3D VIR_DOMAIN_VIRT_KQEMU || --=20 2.43.0 From nobody Mon Feb 2 05:56:45 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1768614527057766.6076449566879; Fri, 16 Jan 2026 17:48:47 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 2768741B83; Fri, 16 Jan 2026 20:48:46 -0500 (EST) Received: from [172.19.199.3] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id DFFB344096; Fri, 16 Jan 2026 20:40:23 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 2131643E4B; Fri, 16 Jan 2026 20:40:18 -0500 (EST) Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11010017.outbound.protection.outlook.com [52.101.193.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 92DEC41C1C for ; Fri, 16 Jan 2026 20:39:51 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by LV2PR12MB999097.namprd12.prod.outlook.com (2603:10b6:408:353::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.6; Sat, 17 Jan 2026 01:39:48 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9520.005; Sat, 17 Jan 2026 01:39:48 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=mqNmKT+gDVI0p4E9o4Un2lZJ0PY3D/VTFfhzlNt/kOYL4idW/Qtgyj73lh8rN0vMHIW69bYLaJ0arWlKO4oTrtDF9zpHIuXivPDv/1vuJsTtqbn6jQ4P1tQGTNPFanng6UjCxl7AFCn5bme4uO5Cqh5apYXPgvuXgk1N/DENpYKwGAkJ9trH+fG6XeBbvlgmnYMQ7/N7QDr9x7kRNn886MFcBDee8Z0qqlhtecxVe38hyLHIog5Uxi2TFAzE/QjftxWMM4lRNX1E+UBSSbV+6resX3XwICv38jnFRF0FQD43AgnDVhQmB/EyEf2ETl4Yy51Mnebz+9ysorkOENRPTA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wDy1eoB8zMSaGnAo+th0AZI4JShktwhrGyNYvDaNYFA=; b=kk/f3Vtb2gGl+m23PWHFreWjc3dWMArc2WlfFFRv1C6m9fy2droAzXO6lpRbzwX7nx1jGyYAoKzws0A6aSrmkr2ios9kzPrka3IEYQYnQd7B/NZuSJfHBPwOieohOX/SKYoXWvxLxF2+61BOUWxtvm910s+3aTMOZEEHhrLk8GADxWWdtvGtMJpiBwZe2Ogx+AgSVjjwi2btRGjKJJmXF8dK2bDJvppOtduPCScojXSpuuG3BXnxNdz8RO4fvM9CrxUhpKQrh1LCqGc7STIUQs0qOszEKS8JftTRjWOEl5C6tIqc3Owjabp7xpzgAEnhwsi7s0ISMg9rxdKoljucPQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wDy1eoB8zMSaGnAo+th0AZI4JShktwhrGyNYvDaNYFA=; b=B/U4woweIvua0f5QOY2DA9STVX0ZH6qYtMm3RQpQIclMjI8eSL2LjqtnG2jLgIcTDjyr6QqkcJCJK+Qf8Ee3LMkXWMYqMFi7v3PyXghrsVXQvtMw1wCJ2FzOkJKN+j+8RBGt35klvTu0f5S055HQZjEAO5EtzDhOicDffho1ecv0fuMEA0htYX69E/v59JLOy2BX67Oo9UcTXJalvqizk6TVKXJuHVJ87DgcaUulZMGIaWqGDMGogi4arU47bFk6eg7Rv4GXudora+h7hJEoE+2smIy64UxeFYwNpuhOTogq+uABfbrBreU2/ZZwbDbkt+Xw0XBCJuAGeP+c4P6Ayw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v5 7/7] tests: qemuxmlconfdata: provide iommufd sample XML and CLI args Date: Fri, 16 Jan 2026 17:39:37 -0800 Message-ID: <20260117013937.3803457-8-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260117013937.3803457-1-nathanc@nvidia.com> References: <20260117013937.3803457-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BYAPR07CA0080.namprd07.prod.outlook.com (2603:10b6:a03:12b::21) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|LV2PR12MB999097:EE_ X-MS-Office365-Filtering-Correlation-Id: fc5aa804-3389-40f5-af87-08de55694ce7 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?8ILKWnKwT0ZMITzZrQ5A4tuUcTLHue/DXQPaJQq3nOp0k5VJnToB2t+pK+KT?= =?us-ascii?Q?GqE7M2SgZb7mbvvpbMjjv0nJxHeS4cwQ6z82HrO7TvhsZNbvjH/8mDdOFWR+?= =?us-ascii?Q?RqCsXYZoaBI7QkuwWBtUGEd3ArROzqXicb2RPFEEqj0cEA1sGsCxxuiXG8cD?= =?us-ascii?Q?HUoEc/Oaj+lWrfwN+lAal91JVs8e9YyfYpAV9Di2mzkE/a2ShFumpgN3iA5U?= =?us-ascii?Q?0DkIXCdo/TiFSlpeUOG45R0ws5NuKlT0HUUycE1/rKtN9W59yVB0PIXAps52?= =?us-ascii?Q?LJCnka0YAjTMPSr/o6/Dlt2wtub7eu+eAwKTYq9vYKuZ2+CZ8VMf0GAFt8U/?= =?us-ascii?Q?DUb2ncCxqfTfE5ruwWvc8WrouPURuK4hf/wKpRwshNJ1UL2I47XsUQ5UJPz2?= =?us-ascii?Q?91hnOIGjyi9Jdqve2WeMXpozouvLDzNDd5CWDSvPJj+3eUKZV2mAFuvN2UHe?= =?us-ascii?Q?TqRunF5LdHIrSWEuDvgooh7ZjboUisJlcZgZgu4QPdHe7AjNG3tKgaFx7hQc?= =?us-ascii?Q?WffVJVE0yQpxxxgHVvu/4eDL6pOwODg2DDXRRSVZJf647V1evTeULcyzAZN2?= =?us-ascii?Q?OQAzBZt6IRGgn2Qvz3lyiZKnq32Q9wLAEv4mGRDMRD6g7X3682mJx4NjgJ4g?= =?us-ascii?Q?+QB+ax5kLBIgMsEYy6pVjw2bw66LmT93ey7x9N5sqj5gNS5u8YX/ZTOsibMn?= =?us-ascii?Q?xsmaPwRvaLLeUlE5bJC5OkOcWv+ucxK8+r3gv+l/thuh2W9d1jKij9cSl2Ij?= =?us-ascii?Q?INeeMHRBIHnekRWfznTtYSFG3+q4TdvmmVLZ+M6XT5/VrtVgs46B1jeHNXLx?= =?us-ascii?Q?I1zOgkebFmHVVKV/3akbJ5iYSv+vTqznQm+z0i1slMYIKdXK0n7TJs5mHJ7F?= =?us-ascii?Q?72z8gmfTJvWqa0ADTQjrZVOoh6snC38SppW3pGil+Rjcv5NsEDs62HTgPHre?= =?us-ascii?Q?6ilNuvgFKEgesNck/+Z9eXQomJs6cVKiZY16iQiIx1ShxaPLu5NKPbevvZel?= =?us-ascii?Q?SoIvvQED8uON26rKxUo4wDkAGCZi/eO40MOz71vc0zglb/sE1Fqi49bqdO7A?= =?us-ascii?Q?Iqt4APe6KTdYpAFsw7h9nJJ0RvDsZzI8XzBt/bt8gYFx8m108Q6BlGIZzsg1?= =?us-ascii?Q?b3MokO/UxLQjHSAWrTC45LRg5CjW6uPKU/NFFismaRON4JmRUj5wvwRa9PaT?= =?us-ascii?Q?tYfJOURDh6ier5jd353v40v+r00Ytw9582BoeOP6OF+AClEJigvDmF+KRHan?= =?us-ascii?Q?HOoEIMaB4ug7EFNR6GPipQipyDjGXsIv/QpHsAX+SNrd5oJmo8d6mESy50K6?= =?us-ascii?Q?D7y1Nd838onf78IBNjttK16d7lnwDbXz0eR7OxxptdTkNBq1+hQP36bc+VQW?= =?us-ascii?Q?mhdpDvqidwTmQoknATC2ISDyixBTX1z/zvByEKHaHEg0KILGL6X75oC6vneO?= =?us-ascii?Q?vzmJvR9LXBNxxhRRa2ot0isuPtCuIqcG/iPTqtcIni1nlqj6nH26TVihLjY3?= =?us-ascii?Q?4kQ7i57mFIxIxyLYsm0lhOdxj2JwXXMWnTr/0PQkQ5J9cS6tjKbPXOBFG2/B?= =?us-ascii?Q?pu/trPLLsuFPmo5/PZE=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?/CpBfPTJlSdxXPBI6zTh+nOk7QJHl17o4mc8KeGJMrabLsdsP2YGdzvLuNHg?= =?us-ascii?Q?iyA4aw+8M1JyB3SrIcOY4qHTzFijisakSYLk5KKdJAp9buawOGO6OpK49sKi?= =?us-ascii?Q?gJl6+dxad5ymK7TZ+hIWUxUNTqbYxi+wvwkRDfvUK3qcESbPj0tO9nqswiuv?= =?us-ascii?Q?ltvfshAGia3G5IqjFHrPYVgiKwGxltE/j/sPyVH9PTH8bikmB+gMMiK2mkkW?= =?us-ascii?Q?tOPYMeHMDABdxjRB9kvWkXF4sgzXfV+01nqxdxN1DcNDcS9J9upRkL2DOLBV?= =?us-ascii?Q?w/rZEYXsmQC5ip9B/lxfJVtM/G6PQRQ/WXLsz2tjizRBGb7Zxr+pXi3YhVBm?= =?us-ascii?Q?99fGr/dL4TGXD/v/lEXLHeiapUoqK8ka7jl2cQ5Bho6clHx9pIxt4PJukZk/?= =?us-ascii?Q?98sAPHUwpIqno16XFpakowOsHZs8no7/HXIOFIytNIKeDX8TS7HGHNjoKmcE?= =?us-ascii?Q?hpPifTju/Db7FKyV/6AZVoCOY0laMTPrLOrkV6ho/abJiSfhdTjz+ApIdWvY?= =?us-ascii?Q?SlWjq8dcZa0Uc5XrwYGbvPhFFZaLUUjOSIFZnzG6pNuqW3lLRxN6hExJ9KGx?= =?us-ascii?Q?nBcPopdbdjAvmZb5YCp+t5yV+bWyHUggwjhGsY4Ox3DIgwCXGcmM/R7QCmhE?= =?us-ascii?Q?DLeaBD50jCMGSPjN5UJiiCU06PQpPjKVSM+tAMrMYa9XKBiZF3Ir0V1EJc9b?= =?us-ascii?Q?IVcyHKg+9tR/upNXojX8nG9+sqgpc5iC2iOa8/Ywtw10kUBnQxLhn2akR//H?= =?us-ascii?Q?vm/JRcWSyfpkB0uzAm08OY+phlp3i59w+G6Sd27LeGPw//ZK5/zo/HynAY4T?= =?us-ascii?Q?sV82Jg1QZ4YV0on6Sg7vqMni/qpFEGJd/IPzYHkBB5XuFmOE/CzMX2eTHRbZ?= =?us-ascii?Q?oBEXbaZmKkPDuwByRg9KKtI5nJ8IRSvwgu32KtBieCwqT34zfj+IHlhpBAZA?= =?us-ascii?Q?GEXDt/6n/wHjC7UZC4/vqSNu3KVSG9EyKa6hb33+zGs1e7CkpCac9fTMdebv?= =?us-ascii?Q?qGffCpXBBz6JenRXNCBz0dMq5xf9sKzP+htHvpxbFF6e7wSIGPfK4s1BgSO8?= =?us-ascii?Q?bagK0oeBbUCwxWVhS0hes73l7Engco97X5168e6XBSzr5hC4IAPwclto6rV1?= =?us-ascii?Q?MFvnuMYNnZNmlAEQHbI3ayg6qqXDV4Dcxs7YXE2MV//qcQYcdTy+L9bYGeX/?= =?us-ascii?Q?qgLlCMO3I0vfAo1tk/ZfmjP9aHFPVzQXCLGrouKqa/he9yl2lA/KDZchyhGo?= =?us-ascii?Q?lh9Vmgczb9EabrtlskAZXhxbtrzIIMbOQmS8kwC61wrmWA/kIGTdkmekE8Mz?= =?us-ascii?Q?a0wFLXz0jFXqntEmuWi6SQF805u6jr+GKVWDOSNkXVsQCjDGlguJ/XSYRore?= =?us-ascii?Q?cjIoKilq46EZFEbDKC3+RRwkSYRblm6ufV7qQeHZDsQ+avInxGN6ef8jyUYM?= =?us-ascii?Q?I2KOtsHY+fvviZSU5pa8y/F7tL9JESFAlcinyIaKkBx5cEFw6/WVlMUPoG5x?= =?us-ascii?Q?8kZE2jpD687adPWlELyer/OFPzT0b6pJbkBMSXzg/hPQkH7YM3wre2i7IaQg?= =?us-ascii?Q?RkEQP0lYWEefJvYIlIQO2HOZoFecOKwPp/xkClP7hTy/Prr4lwAxLDl4bEXP?= =?us-ascii?Q?WMU6pJYtvAVWy2xMV4Kn2trrEG2vHXNabC+/EZCCwznz0L9LXx7REAqrvSc5?= =?us-ascii?Q?ezS6UCU1ermBDbPVDRkZ/jasWKPYq0rye2C5myoz1QCEz7beoM8Cb5ItCF4r?= =?us-ascii?Q?A4D0/XlCOw=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: fc5aa804-3389-40f5-af87-08de55694ce7 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2026 01:39:48.5354 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 9VD9izAId4/asWv0L/t/K6R53ODTbW7aNRCYqfUl6aS9Z/0pyGBq/97UHDpx7dQtCwXf4xk7rC9tNm4nt13X3Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB999097 Message-ID-Hash: FRXZ7X4S7O5ZUG34ABF5VUU6KL4RJXA3 X-Message-ID-Hash: FRXZ7X4S7O5ZUG34ABF5VUU6KL4RJXA3 X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1768614528634158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen Provide sample XML and CLI args for the iommufd XML schema for pc, q35, and virt machine types. Signed-off-by: Nathan Chen --- .../iommufd-q35.x86_64-latest.args | 41 +++++++++++++ .../iommufd-q35.x86_64-latest.xml | 60 +++++++++++++++++++ tests/qemuxmlconfdata/iommufd-q35.xml | 38 ++++++++++++ ...fd-virt-pci-bus-single.aarch64-latest.args | 32 ++++++++++ ...ufd-virt-pci-bus-single.aarch64-latest.xml | 31 ++++++++++ .../iommufd-virt-pci-bus-single.xml | 22 +++++++ .../iommufd-virt.aarch64-latest.args | 36 +++++++++++ .../iommufd-virt.aarch64-latest.xml | 53 ++++++++++++++++ tests/qemuxmlconfdata/iommufd-virt.xml | 29 +++++++++ .../iommufd.x86_64-latest.args | 35 +++++++++++ .../qemuxmlconfdata/iommufd.x86_64-latest.xml | 38 ++++++++++++ tests/qemuxmlconfdata/iommufd.xml | 30 ++++++++++ tests/qemuxmlconftest.c | 34 +++++++++++ 13 files changed, 479 insertions(+) create mode 100644 tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-q35.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.aarch= 64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.aarch= 64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt.aarch64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-virt.aarch64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt.xml create mode 100644 tests/qemuxmlconfdata/iommufd.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd.xml diff --git a/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args b/tests/q= emuxmlconfdata/iommufd-q35.x86_64-latest.args new file mode 100644 index 0000000000..7d819e141b --- /dev/null +++ b/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args @@ -0,0 +1,41 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.local/share \ +XDG_CACHE_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.cache \ +XDG_CONFIG_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=3Dq35-test,debug-threads=3Don \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/va= r/lib/libvirt/qemu/domain--1-q35-test/master-key.aes"}' \ +-machine q35,usb=3Doff,dump-guest-core=3Doff,memory-backend=3Dpc.ram,acpi= =3Doff \ +-accel tcg \ +-cpu qemu64 \ +-m size=3D2097152k \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":2147483648}= ' \ +-overcommit mem-lock=3Doff \ +-smp 2,sockets=3D2,cores=3D1,threads=3D1 \ +-uuid 11dbdcdd-4c3b-482b-8903-9bdb8c0a2774 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server=3Don,wait=3Doff \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-boot strict=3Don \ +-device '{"driver":"pcie-root-port","port":16,"chassis":1,"id":"pci.1","bu= s":"pcie.0","multifunction":true,"addr":"0x2"}' \ +-device '{"driver":"pcie-root-port","port":17,"chassis":2,"id":"pci.2","bu= s":"pcie.0","addr":"0x2.0x1"}' \ +-device '{"driver":"qemu-xhci","id":"usb","bus":"pci.1","addr":"0x0"}' \ +-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","no= de-name":"libvirt-1-storage","read-only":false}' \ +-device '{"driver":"ide-hd","bus":"ide.0","drive":"libvirt-1-storage","id"= :"sata0-0-0","bootindex":1}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-device '{"driver":"qxl-vga","id":"video0","max_outputs":1,"ram_size":6710= 8864,"vram_size":33554432,"vram64_size_mb":0,"vgamem_mb":8,"bus":"pcie.0","= addr":"0x1"}' \ +-global ICH9-LPC.noreboot=3Doff \ +-watchdog-action reset \ +-object '{"qom-type":"iommufd","id":"iommufd0","fd":"-1"}' \ +-device '{"driver":"vfio-pci","host":"0000:06:12.5","id":"hostdev0","iommu= fd":"iommufd0","fd":"0","bus":"pcie.0","addr":"0x3"}' \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,resource= control=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml b/tests/qe= muxmlconfdata/iommufd-q35.x86_64-latest.xml new file mode 100644 index 0000000000..bb76252b61 --- /dev/null +++ b/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml @@ -0,0 +1,60 @@ + + q35-test + 11dbdcdd-4c3b-482b-8903-9bdb8c0a2774 + 2097152 + 2097152 + 2 + + hvm + + + + qemu64 + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + +
+ + + + + +
+ + + + +
+ + +
+ + +
+ + + +